ID CVE-2017-10053
Summary Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.6.0:update_151
    cpe:2.3:a:oracle:jdk:1.6.0:update_151
  • Oracle JDK 1.7.0 Update 141
    cpe:2.3:a:oracle:jdk:1.7.0:update_141
  • Oracle JDK 1.8.0 Update 131
    cpe:2.3:a:oracle:jdk:1.8.0:update_131
  • cpe:2.3:a:oracle:jre:1.6.0:update_151
    cpe:2.3:a:oracle:jre:1.6.0:update_151
  • Oracle JRE 1.7.0 Update 141
    cpe:2.3:a:oracle:jre:1.7.0:update_141
  • Oracle JRE 1.8.0 Update 131
    cpe:2.3:a:oracle:jre:1.8.0:update_131
  • cpe:2.3:a:oracle:jrockit:r28.3.14
    cpe:2.3:a:oracle:jrockit:r28.3.14
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-284
CAPEC
  • Embedding Scripts within Scripts
    An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute scripts. The attacker leverages this capability to execute scripts to execute his/her own script by embedding it within other scripts that the target software is likely to execute. The attacker must have the ability to inject script into script that is likely to be executed. If this is done, then the attacker can potentially launch a variety of probes and attacks against the web server's local environment, in many cases the so-called DMZ, back end resources the web server can communicate with, and other hosts. With the proliferation of intermediaries, such as Web App Firewalls, network devices, and even printers having JVMs and Web servers, there are many locales where an attacker can inject malicious scripts. Since this attack pattern defines scripts within scripts, there are likely privileges to execute said attack on the host. Of course, these attacks are not solely limited to the server side, client side scripts like Ajax and client side JavaScript can contain malicious scripts as well. In general all that is required is for there to be sufficient privileges to execute a script, but not protected against writing.
  • Signature Spoofing by Key Theft
    An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
nessus via4
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170720_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL
    description Security Fix(es) : - It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) - Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10111, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) - It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) - It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions. (CVE-2017-10078) - It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198) - A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) - A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) - It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) - Multiple flaws were found in the Hotspot and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-10081, CVE-2017-10193) - It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen 2018-09-02
    modified 2018-01-26
    plugin id 101884
    published 2017-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101884
    title Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2017-869.NASL
    description It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107 , CVE-2017-10096 , CVE-2017-10101 , CVE-2017-10089 , CVE-2017-10090 , CVE-2017-10087 , CVE-2017-10110 , CVE-2017-10074 , CVE-2017-10067) It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak information. (CVE-2017-10243) A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108 , CVE-2017-10109) A flaw was found in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10081) It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053)
    last seen 2018-09-01
    modified 2018-04-18
    plugin id 102502
    published 2017-08-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102502
    title Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2017-869)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201709-22.NASL
    description The remote host is affected by the vulnerability described in GLSA-201709-22 (Oracle JDK/JRE, IcedTea: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Oracle’s JRE, JDK and IcedTea. Please review the referenced CVE identifiers for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or gain access to information. Workaround : There is no known workaround at this time.
    last seen 2018-09-01
    modified 2018-01-26
    plugin id 103450
    published 2017-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103450
    title GLSA-201709-22 : Oracle JDK/JRE, IcedTea: Multiple vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1073.NASL
    description Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in sandbox bypass, incorrect authentication, the execution of arbitrary code, denial of service, information disclosure, use of insecure cryptography or bypassing Jar verification. For Debian 7 'Wheezy', these problems have been fixed in version 7u151-2.6.11-1+deb7u1. We recommend that you upgrade your openjdk-7 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-09
    plugin id 102806
    published 2017-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102806
    title Debian DLA-1073-1 : openjdk-7 security update
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-14.NASL
    description This update for java-1_7_0-openjdk fixes the following issues : Security issues fixed : - CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084). - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO (bsc#1064071). - CVE-2017-10281: Fix issue inside subcomponent Serialization (bsc#1064072). - CVE-2017-10285: Fix issue inside subcomponent RMI (bsc#1064073). - CVE-2017-10295: Fix issue inside subcomponent Networking (bsc#1064075). - CVE-2017-10388: Fix issue inside subcomponent Libraries (bsc#1064086). - CVE-2017-10346: Fix issue inside subcomponent Hotspot (bsc#1064078). - CVE-2017-10350: Fix issue inside subcomponent JAX-WS (bsc#1064082). - CVE-2017-10347: Fix issue inside subcomponent Serialization (bsc#1064079). - CVE-2017-10349: Fix issue inside subcomponent JAXP (bsc#1064081). - CVE-2017-10345: Fix issue inside subcomponent Serialization (bsc#1064077). - CVE-2017-10348: Fix issue inside subcomponent Libraries (bsc#1064080). - CVE-2017-10357: Fix issue inside subcomponent Serialization (bsc#1064085). - CVE-2017-10355: Fix issue inside subcomponent Networking (bsc#1064083). - CVE-2017-10102: Fix incorrect handling of references in DGC (bsc#1049316). - CVE-2017-10053: Fix reading of unprocessed image data in JPEGImageReader (bsc#1049305). - CVE-2017-10067: Fix JAR verifier incorrect handling of missing digest (bsc#1049306). - CVE-2017-10081: Fix incorrect bracket processing in function signature handling (bsc#1049309). - CVE-2017-10087: Fix insufficient access control checks in ThreadPoolExecutor (bsc#1049311). - CVE-2017-10089: Fix insufficient access control checks in ServiceRegistry (bsc#1049312). - CVE-2017-10090: Fix insufficient access control checks in AsynchronousChannelGroupImpl (bsc#1049313). - CVE-2017-10096: Fix insufficient access control checks in XML transformations (bsc#1049314). - CVE-2017-10101: Fix unrestricted access to com.sun.org.apache.xml.internal.resolver (bsc#1049315). - CVE-2017-10107: Fix insufficient access control checks in ActivationID (bsc#1049318). - CVE-2017-10074: Fix integer overflows in range check loop predicates (bsc#1049307). - CVE-2017-10110: Fix insufficient access control checks in ImageWatched (bsc#1049321). - CVE-2017-10108: Fix unbounded memory allocation in BasicAttribute deserialization (bsc#1049319). - CVE-2017-10109: Fix unbounded memory allocation in CodeSource deserialization (bsc#1049320). - CVE-2017-10115: Fix unspecified vulnerability in subcomponent JCE (bsc#1049324). - CVE-2017-10118: Fix ECDSA implementation timing attack (bsc#1049326). - CVE-2017-10116: Fix LDAPCertStore following referrals to non-LDAP URL (bsc#1049325). - CVE-2017-10135: Fix PKCS#8 implementation timing attack (bsc#1049328). - CVE-2017-10176: Fix incorrect handling of certain EC points (bsc#1049329). - CVE-2017-10074: Fix integer overflows in range check loop predicates (bsc#1049307). - CVE-2017-10074: Fix integer overflows in range check loop predicates (bsc#1049307). - CVE-2017-10111: Fix checks in LambdaFormEditor (bsc#1049322). - CVE-2017-10243: Fix unspecified vulnerability in subcomponent JAX-WS (bsc#1049332). - CVE-2017-10125: Fix unspecified vulnerability in subcomponent deployment (bsc#1049327). - CVE-2017-10114: Fix unspecified vulnerability in subcomponent JavaFX (bsc#1049323). - CVE-2017-10105: Fix unspecified vulnerability in subcomponent deployment (bsc#1049317). - CVE-2017-10086: Fix unspecified in subcomponent JavaFX (bsc#1049310). - CVE-2017-10198: Fix incorrect enforcement of certificate path restrictions (bsc#1049331). - CVE-2017-10193: Fix incorrect key size constraint check (bsc#1049330). Bug fixes : - Drop Exec Shield workaround to fix crashes on recent kernels, where Exec Shield is gone (bsc#1052318). This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2018-09-02
    modified 2018-01-26
    plugin id 105714
    published 2018-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105714
    title openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2018-14)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-954.NASL
    description This java-1_8_0-openjdk update to version jdk8u141 (icedtea 3.5.0) fixes the following issues : Security issues fixed : - CVE-2017-10053: Improved image post-processing steps (bsc#1049305) - CVE-2017-10067: Additional jar validation steps (bsc#1049306) - CVE-2017-10074: Image conversion improvements (bsc#1049307) - CVE-2017-10078: Better script accessibility for JavaScript (bsc#1049308) - CVE-2017-10081: Right parenthesis issue (bsc#1049309) - CVE-2017-10086: Unspecified vulnerability in subcomponent JavaFX (bsc#1049310) - CVE-2017-10087: Better Thread Pool execution (bsc#1049311) - CVE-2017-10089: Service Registration Lifecycle (bsc#1049312) - CVE-2017-10090: Better handling of channel groups (bsc#1049313) - CVE-2017-10096: Transform Transformer Exceptions (bsc#1049314) - CVE-2017-10101: Better reading of text catalogs (bsc#1049315) - CVE-2017-10102: Improved garbage collection (bsc#1049316) - CVE-2017-10105: Unspecified vulnerability in subcomponent deployment (bsc#1049317) - CVE-2017-10107: Less Active Activations (bsc#1049318) - CVE-2017-10108: Better naming attribution (bsc#1049319) - CVE-2017-10109: Better sourcing of code (bsc#1049320) - CVE-2017-10110: Better image fetching (bsc#1049321) - CVE-2017-10111: Rearrange MethodHandle arrangements (bsc#1049322) - CVE-2017-10114: Unspecified vulnerability in subcomponent JavaFX (bsc#1049323) - CVE-2017-10115: Higher quality DSA operations (bsc#1049324) - CVE-2017-10116: Proper directory lookup processing (bsc#1049325) - CVE-2017-10118: Higher quality ECDSA operations (bsc#1049326) - CVE-2017-10125: Unspecified vulnerability in subcomponent deployment (bsc#1049327) - CVE-2017-10135: Better handling of PKCS8 material (bsc#1049328) - CVE-2017-10176: Additional elliptic curve support (bsc#1049329) - CVE-2017-10193: Improve algorithm constraints implementation (bsc#1049330) - CVE-2017-10198: Clear certificate chain connections (bsc#1049331) - CVE-2017-10243: Unspecified vulnerability in subcomponent JAX-WS (bsc#1049332) Bug fixes : - Check registry registration location - Improved certificate processing - JMX diagnostic improvements - Update to libpng 1.6.28 - Import of OpenJDK 8 u141 build 15 (bsc#1049302) New features : - Support using RSAandMGF1 with the SHA hash algorithms in the PKCS11 provider This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen 2018-09-02
    modified 2018-01-26
    plugin id 102621
    published 2017-08-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102621
    title openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2017-954)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-1789.NASL
    description From Red Hat Security Advisory 2017:1789 : An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) * Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10111, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) * It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) * It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions. (CVE-2017-10078) * It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198) * A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) * A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) * It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) * Multiple flaws were found in the Hotspot and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-10081, CVE-2017-10193) * It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen 2018-09-01
    modified 2018-07-25
    plugin id 101877
    published 2017-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101877
    title Oracle Linux 6 / 7 : java-1.8.0-openjdk (ELSA-2017-1789)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170807_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL
    description Security Fix(es) : - It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) - Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) - It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) - It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak information. (CVE-2017-10243) - A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) - A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) - It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) - A flaw was found in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10081) - It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053)
    last seen 2018-09-01
    modified 2018-01-26
    plugin id 102665
    published 2017-08-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102665
    title Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x, SL7.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1792.NASL
    description An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 161. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081, CVE-2017-10087, CVE-2017-10089, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10135, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243)
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 101882
    published 2017-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101882
    title RHEL 6 / 7 : java-1.6.0-sun (RHSA-2017:1792)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1791.NASL
    description An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 151. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10114, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243)
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 101881
    published 2017-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101881
    title RHEL 6 / 7 : java-1.7.0-oracle (RHSA-2017:1791)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2530.NASL
    description An update for java-1.6.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP50. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10087, CVE-2017-10089, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10243) IBM Java SDK and JRE 6 will not receive software updates after September 2017. This date is referred to as the End of Service (EOS) date. Customers are advised to migrate to current versions of IBM Java at this time. IBM Java SDK and JRE versions 7 and 8 are available via the Red Hat Enterprise Linux 6 Supplementary content sets and will continue to receive updates based on IBM's lifecycle policy, linked to in the References section. Customers can also consider OpenJDK, an open source implementation of the Java SE specification. OpenJDK is available by default on supported hardware architectures.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 102775
    published 2017-08-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102775
    title RHEL 6 : java-1.6.0-ibm (RHSA-2017:2530)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2017-0026.NASL
    description An update of [openjdk,openjre,pycrypto,python3-pycrypto] packages for PhotonOS has been released.
    last seen 2018-09-02
    modified 2018-08-17
    plugin id 111875
    published 2018-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111875
    title Photon OS 1.0: Openjdk / Openjre / Pycrypto / Python3 PHSA-2017-0026
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-3453.NASL
    description An update for java-1.8.0-ibm is now available for Red Hat Satellite 5.8 and Red Hat Satellite 5.8 ELS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP5. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-1289, CVE-2017-3509, CVE-2017-3511, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544, CVE-2017-10053, CVE-2017-10067, CVE-2017-10078, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10243, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388) For details on how to apply this update, which includes the changes described in this advisory, refer to : https://access.redhat.com/articles/11258 For this update to take effect, Red Hat Satellite must be restarted ('/usr/sbin/rhn-satellite restart'). All running instances of IBM Java must be restarted for this update to take effect.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 105267
    published 2017-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105267
    title RHEL 6 : Satellite Server (RHSA-2017:3453)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1789.NASL
    description An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) * Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10111, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) * It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) * It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions. (CVE-2017-10078) * It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198) * A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) * A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) * It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) * Multiple flaws were found in the Hotspot and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-10081, CVE-2017-10193) * It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 101879
    published 2017-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101879
    title RHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2017:1789)
  • NASL family AIX Local Security Checks
    NASL id AIX_JAVA_JULY2017_ADVISORY.NASL
    description The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities in the following subcomponents : - A flaw exists in the J9 VM class verifier component that allows an unauthenticated, remote attacker to cause an escalation of privileges. (CVE-2017-1376) - A flaw exists in the installp and updatep packages that prevents security updates from being correctly applied. (CVE-2017-1541) - An unspecified flaw exists in the 2D component that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-10053) - Multiple unspecified flaws exist in the Security component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10067, CVE-2017-10116) - An unspecified flaw exists in the Scripting component that allows an authenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-10078) - Multiple unspecified flaws exist in the Libraries component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10087, CVE-2017-10090) - An unspecified flaw exists in the ImageIO component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10089) - Multiple unspecified flaws exist in the JAXP component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10096, CVE-2017-10101) - Multiple unspecified flaws exist in the RMI component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10102, CVE-2017-10107) - An unspecified flaw exists in the Deployment component that allows an unauthenticated, remote attacker to impact integrity. (CVE-2017-10105) - Multiple unspecified flaws exist in the Serialization component that allow an unauthenticated, remote attacker to exhaust available memory, resulting in a denial of service condition. (CVE-2017-10108, CVE-2017-10109) - An unspecified flaw exists in the AWT component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10110) - Multiple unspecified flaws exist in the JCE component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10115) - An unspecified flaw exists in the Deployment component that allows a local attacker to impact confidentiality, integrity, and availability. (CVE-2017-10125) - An unspecified flaw exists in the JAX-WS component that allows an unauthenticated, remote attacker to impact confidentiality and availability. (CVE-2017-10243)
    last seen 2018-09-02
    modified 2018-07-17
    plugin id 103191
    published 2017-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103191
    title AIX Java Advisory : java_july2017_advisory.asc (July 2017 CPU)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1207.NASL
    description According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) - Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) - It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) - It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak information. (CVE-2017-10243) - A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) - A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) - It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) - A flaw was found in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10081) - It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-11-15
    modified 2018-11-14
    plugin id 103065
    published 2017-09-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103065
    title EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2017-1207)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1208.NASL
    description According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) - Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) - It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) - It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak information. (CVE-2017-10243) - A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) - A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) - It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) - A flaw was found in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10081) - It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-11-15
    modified 2018-11-14
    plugin id 103066
    published 2017-09-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=103066
    title EulerOS 2.0 SP2 : java-1.7.0-openjdk (EulerOS-SA-2017-1208)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1790.NASL
    description An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 141. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10114, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243)
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 101880
    published 2017-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101880
    title RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2017:1790)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3919.NASL
    description Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in sandbox bypass, use of insecure cryptography, side channel attacks, information disclosure, the execution of arbitrary code, denial of service or bypassing Jar verification.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 101984
    published 2017-07-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101984
    title Debian DSA-3919-1 : openjdk-8 - security update
  • NASL family Misc.
    NASL id ORACLE_JAVA_CPU_JUL_2017_UNIX.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 141, 7 Update 151, or 6 Update 161. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the 2D component that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-10053) - Multiple unspecified flaws exist in the Security component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10067, CVE-2017-10116) - An unspecified flaw exists in the Hotspot component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10074) - An unspecified flaw exists in the Scripting component that allows an authenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-10078) - An unspecified flaw exists in the Hotspot component that allows an unauthenticated, remote attacker to impact integrity. (CVE-2017-10081) - Multiple unspecified flaws exist in the JavaFX component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10086, CVE-2017-10114) - Multiple unspecified flaws exist in the Libraries component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10087, CVE-2017-10090, CVE-2017-10111) - An unspecified flaw exists in the ImageIO component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10089) - Multiple unspecified flaws exist in the JAXP component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10096, CVE-2017-10101) - Multiple unspecified flaws exist in the RMI component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10102, CVE-2017-10107) - Multiple unspecified flaws exist in the Server component of the Java Advanced Management Console that allow an authenticated, remote attacker to impact confidentiality, integrity, and availability. (CVE-2017-10104, CVE-2017-10145) - An unspecified flaw exists in the Deployment component that allows an unauthenticated, remote attacker to impact integrity. (CVE-2017-10105) - Multiple unspecified flaws exist in the Serialization component that allow an unauthenticated, remote attacker to exhaust available memory, resulting in a denial of service condition. (CVE-2017-10108, CVE-2017-10109) - An unspecified flaw exists in the AWT component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10110) - Multiple unspecified flaws exist in the JCE component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10115, CVE-2017-10118, CVE-2017-10135) - An unspecified flaw exists in the Server component of the Java Advanced Management Console that allows an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10117) - An unspecified flaw exists in the Server component of the Java Advanced Management Console that allows an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-10121) - An unspecified flaw exists in the Deployment component that allows a local attacker to impact confidentiality, integrity, and availability. (CVE-2017-10125) - Multiple unspecified flaws exist in the Security component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10176, CVE-2017-10193, CVE-2017-10198) - An unspecified flaw exists in the JAX-WS component that allows an unauthenticated, remote attacker to impact confidentiality and availability. (CVE-2017-10243)
    last seen 2018-11-17
    modified 2018-11-15
    plugin id 101844
    published 2017-07-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101844
    title Oracle Java SE Multiple Vulnerabilities (July 2017 CPU) (Unix)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3954.NASL
    description Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in sandbox bypass, incorrect authentication, the execution of arbitrary code, denial of service, information disclosure, use of insecure cryptography or bypassing Jar verification.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 102790
    published 2017-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102790
    title Debian DSA-3954-1 : openjdk-7 - security update
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1151.NASL
    description According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) - Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10111, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) - It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) - It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions. (CVE-2017-10078) - It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198) - A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) - A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) - It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) - Multiple flaws were found in the Hotspot and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-10081, CVE-2017-10193) - It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-06
    modified 2018-12-04
    plugin id 102238
    published 2017-08-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102238
    title EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2017-1151)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2481.NASL
    description An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP10. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10243)
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 102536
    published 2017-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102536
    title RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2017:2481)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2424.NASL
    description An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) * Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) * It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) * It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak information. (CVE-2017-10243) * A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) * A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) * It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) * A flaw was found in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10081) * It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053)
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 102250
    published 2017-08-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102250
    title RHEL 6 / 7 : java-1.7.0-openjdk (RHSA-2017:2424)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-2424.NASL
    description From Red Hat Security Advisory 2017:2424 : An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) * Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) * It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) * It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak information. (CVE-2017-10243) * A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) * A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) * It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) * A flaw was found in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10081) * It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053)
    last seen 2018-09-01
    modified 2018-07-25
    plugin id 102346
    published 2017-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102346
    title Oracle Linux 6 / 7 : java-1.7.0-openjdk (ELSA-2017-2424)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-2281-1.NASL
    description This update for java-1_7_1-ibm fixes the following issues : - Version update to 7.1-4.10 [bsc#1053431] - CVE-2017-10111 CVE-2017-10110 CVE-2017-10107 CVE-2017-10101 CVE-2017-10096 CVE-2017-10090 CVE-2017-10089 CVE-2017-10087 CVE-2017-10102 CVE-2017-10116 CVE-2017-10074 CVE-2017-10115 CVE-2017-10067 CVE-2017-10125 CVE-2017-10243 CVE-2017-10109 CVE-2017-10108 CVE-2017-10053 CVE-2017-10105 CVE-2017-10081: Multiple unspecified vulnerabilities in multiple Java components could lead to code execution or sandbox escape More information can be found here: https://developer.ibm.com/javasdk/support/security-vulne rabilities/#Oracle_ July_18_2017_CPU Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-11-30
    plugin id 102837
    published 2017-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102837
    title SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2017:2281-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3396-1.NASL
    description It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. (CVE-2017-10053) It was discovered that the JAR verifier in OpenJDK did not properly handle archives containing files missing digests. An attacker could use this to modify the signed contents of a JAR file. (CVE-2017-10067) It was discovered that integer overflows existed in the Hotspot component of OpenJDK when generating range check loop predicates. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions and cause a denial of service or possibly execute arbitrary code. (CVE-2017-10074) It was discovered that OpenJDK did not properly process parentheses in function signatures. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10081) It was discovered that the ThreadPoolExecutor class in OpenJDK did not properly perform access control checks when cleaning up threads. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions and possibly execute arbitrary code. (CVE-2017-10087) It was discovered that the ServiceRegistry implementation in OpenJDK did not perform access control checks in certain situations. An attacker could use this to specially construct an untrusted Java application or applet that escaped sandbox restrictions. (CVE-2017-10089) It was discovered that the channel groups implementation in OpenJDK did not properly perform access control checks in some situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10090) It was discovered that the DTM exception handling code in the JAXP component of OpenJDK did not properly perform access control checks. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10096) It was discovered that the JAXP component of OpenJDK incorrectly granted access to some internal resolvers. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10101) It was discovered that the Distributed Garbage Collector (DGC) in OpenJDK did not properly track references in some situations. A remote attacker could possibly use this to execute arbitrary code. (CVE-2017-10102) It was discovered that the Activation ID implementation in the RMI component of OpenJDK did not properly check access control permissions in some situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10107) It was discovered that the BasicAttribute class in OpenJDK did not properly bound memory allocation when de-serializing objects. An attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10108) It was discovered that the CodeSource class in OpenJDK did not properly bound memory allocations when de-serializing object instances. An attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10109) It was discovered that the AWT ImageWatched class in OpenJDK did not properly perform access control checks, An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions (CVE-2017-10110) It was discovered that a timing side-channel vulnerability existed in the DSA implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10115) It was discovered that the LDAP implementation in OpenJDK incorrectly followed references to non-LDAP URLs. An attacker could use this to specially craft an LDAP referral URL that exposes sensitive information or bypass access restrictions. (CVE-2017-10116) It was discovered that a timing side-channel vulnerability existed in the ECDSA implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10118) Ilya Maykov discovered that a timing side-channel vulnerability existed in the PKCS#8 implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10135) It was discovered that the Elliptic Curve (EC) implementation in OpenJDK did not properly compute certain elliptic curve points. An attacker could use this to expose sensitive information. (CVE-2017-10176) It was discovered that OpenJDK did not properly perform access control checks when handling Web Service Definition Language (WSDL) XML documents. An attacker could use this to expose sensitive information. (CVE-2017-10243). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-12-01
    plugin id 102584
    published 2017-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102584
    title Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3396-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-2280-1.NASL
    description This update for java-1_7_1-ibm fixes the following issues : - Version update to 7.1-4.10 [bsc#1053431] - CVE-2017-10111 CVE-2017-10110 CVE-2017-10107 CVE-2017-10101 CVE-2017-10096 CVE-2017-10090 CVE-2017-10089 CVE-2017-10087 CVE-2017-10102 CVE-2017-10116 CVE-2017-10074 CVE-2017-10115 CVE-2017-10067 CVE-2017-10125 CVE-2017-10243 CVE-2017-10109 CVE-2017-10108 CVE-2017-10053 CVE-2017-10105 CVE-2017-10081: Multiple unspecified vulnerabilities in multiple Java components could lead to code execution or sandbox escape More information can be found here: https://developer.ibm.com/javasdk/support/security-vulne rabilities/#Oracle_ July_18_2017_CPU Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-11-30
    plugin id 102836
    published 2017-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102836
    title SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2017:2280-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-2469.NASL
    description An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR4-FP10. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10078, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10243)
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 102492
    published 2017-08-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102492
    title RHEL 6 / 7 : java-1.8.0-ibm (RHSA-2017:2469)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2017-860.NASL
    description Incorrect enforcement of certificate path restrictions : It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198) Insufficient access control checks in XML transformations (CVE-2017-10096) Incorrect range checks in LambdaFormEditor (CVE-2017-10111) Insufficient access control checks in AsynchronousChannelGroupImpl (CVE-2017-10090) Incorrect key size constraint check (CVE-2017-10193) Integer overflows in range check loop predicates (CVE-2017-10074) PKCS#8 implementation timing attack : A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) Incorrect handling of references in DGC : It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) Insufficient access control checks in ImageWatched (CVE-2017-10110) Unrestricted access to com.sun.org.apache.xml.internal.resolver (CVE-2017-10101) DSA implementation timing attack : A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) Insufficient access control checks in ActivationID (CVE-2017-10107) LDAPCertStore following referrals to non-LDAP URLs : It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) JAR verifier incorrect handling of missing digest (CVE-2017-10067) Reading of unprocessed image data in JPEGImageReader : It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Unbounded memory allocation in CodeSource deserialization (CVE-2017-10109) Unbounded memory allocation in BasicAttribute deserialization (CVE-2017-10108)
    last seen 2018-09-02
    modified 2018-04-18
    plugin id 101958
    published 2017-07-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101958
    title Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2017-860)
  • NASL family Windows
    NASL id ORACLE_JAVA_CPU_JUL_2017.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 141, 7 Update 151, or 6 Update 161. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the 2D component that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-10053) - Multiple unspecified flaws exist in the Security component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10067, CVE-2017-10116) - An unspecified flaw exists in the Hotspot component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10074) - An unspecified flaw exists in the Scripting component that allows an authenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-10078) - An unspecified flaw exists in the Hotspot component that allows an unauthenticated, remote attacker to impact integrity. (CVE-2017-10081) - Multiple unspecified flaws exist in the JavaFX component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10086, CVE-2017-10114) - Multiple unspecified flaws exist in the Libraries component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10087, CVE-2017-10090, CVE-2017-10111) - An unspecified flaw exists in the ImageIO component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10089) - Multiple unspecified flaws exist in the JAXP component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10096, CVE-2017-10101) - Multiple unspecified flaws exist in the RMI component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10102, CVE-2017-10107) - Multiple unspecified flaws exist in the Server component of the Java Advanced Management Console that allow an authenticated, remote attacker to impact confidentiality, integrity, and availability. (CVE-2017-10104, CVE-2017-10145) - An unspecified flaw exists in the Deployment component that allows an unauthenticated, remote attacker to impact integrity. (CVE-2017-10105) - Multiple unspecified flaws exist in the Serialization component that allow an unauthenticated, remote attacker to exhaust available memory, resulting in a denial of service condition. (CVE-2017-10108, CVE-2017-10109) - An unspecified flaw exists in the AWT component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10110) - Multiple unspecified flaws exist in the JCE component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10115, CVE-2017-10118, CVE-2017-10135) - An unspecified flaw exists in the Server component of the Java Advanced Management Console that allows an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10117) - An unspecified flaw exists in the Server component of the Java Advanced Management Console that allows an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-10121) - An unspecified flaw exists in the Deployment component that allows a local attacker to impact confidentiality, integrity, and availability. (CVE-2017-10125) - Multiple unspecified flaws exist in the Security component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10176, CVE-2017-10193, CVE-2017-10198) - An unspecified flaw exists in the JAX-WS component that allows an unauthenticated, remote attacker to impact confidentiality and availability. (CVE-2017-10243)
    last seen 2018-11-17
    modified 2018-11-15
    plugin id 101843
    published 2017-07-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101843
    title Oracle Java SE Multiple Vulnerabilities (July 2017 CPU)
  • NASL family Windows
    NASL id ORACLE_JROCKIT_CPU_JUL_2017.NASL
    description The version of Oracle JRockit installed on the remote Windows host is R28.3.14. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the 2D component that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-10053) - Multiple unspecified flaws exist in the Serialization component that allow an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-10108, CVE-2017-10109) - Multiple unspecified flaws exist in the JCE component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10115, CVE-2017-10118, CVE-2017-10135) - An unspecified flaw exists in the Security component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10116) - Multiple unspecified flaws exist in the Security component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10176, CVE-2017-10198) - An unspecified flaw exists in the JAX-WS component that allows an unauthenticated, remote attacker to disclose sensitive information or cause a denial of service condition. (CVE-2017-10243) Note that vulnerability CVE-2017-10109 applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the Internet) and that rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). However, the other vulnerabilities listed above can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. They can also be exploited by supplying data to APIs in the specified component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.
    last seen 2018-11-17
    modified 2018-11-15
    plugin id 101839
    published 2017-07-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101839
    title Oracle JRockit R28.3.14 Multiple Vulnerabilities (July 2017 CPU)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-2263-1.NASL
    description This update for java-1_8_0-ibm fixes the following issues : - Version update to 8.0-4.10 [bsc#1053431] CVE-2017-10111, CVE-2017-10110, CVE-2017-10107, CVE-2017-10101, CVE-2017-10096, CVE-2017-10090, CVE-2017-10089, CVE-2017-10087, CVE-2017-10102, CVE-2017-10116, CVE-2017-10074, CVE-2017-10078, CVE-2017-10115, CVE-2017-10067, CVE-2017-10125, CVE-2017-10243, CVE-2017-10109, CVE-2017-10108, CVE-2017-10053, CVE-2017-10105, CVE-2017-10081: Multiple unspecified vulnerabilities in multiple Java components could lead to code execution or sandbox escape More information can be found here: https://developer.ibm.com/javasdk/support/security-vulne rabilities/#Oracle_ July_18_2017_CPU Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-11-30
    plugin id 102801
    published 2017-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102801
    title SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2017:2263-1)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-2424.NASL
    description An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) * Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) * It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) * It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak information. (CVE-2017-10243) * A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) * A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) * It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) * A flaw was found in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10081) * It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-11-29
    modified 2018-11-27
    plugin id 119221
    published 2018-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119221
    title Virtuozzo 6 : java-1.7.0-openjdk / java-1.7.0-openjdk-demo / etc (VZLSA-2017-2424)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-1789.NASL
    description An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) * Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10111, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) * It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) * It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions. (CVE-2017-10078) * It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198) * A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) * A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) * It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) * Multiple flaws were found in the Hotspot and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-10081, CVE-2017-10193) * It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-11-29
    modified 2018-11-27
    plugin id 119220
    published 2018-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119220
    title Virtuozzo 6 : java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc (VZLSA-2017-1789)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1150.NASL
    description According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) - Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10111, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) - It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) - It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions. (CVE-2017-10078) - It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198) - A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) - A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) - It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) - Multiple flaws were found in the Hotspot and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-10081, CVE-2017-10193) - It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-06
    modified 2018-12-04
    plugin id 102237
    published 2017-08-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102237
    title EulerOS 2.0 SP1 : java-1.8.0-openjdk (EulerOS-SA-2017-1150)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-1789.NASL
    description An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es) : * It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) * Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10111, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) * It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) * It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions. (CVE-2017-10078) * It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198) * A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) * A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) * It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) * Multiple flaws were found in the Hotspot and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-10081, CVE-2017-10193) * It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.
    last seen 2018-11-11
    modified 2018-11-10
    plugin id 101906
    published 2017-07-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101906
    title CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2017:1789)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-2424.NASL
    description An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es) : * It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) * Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) * It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) * It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak information. (CVE-2017-10243) * A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) * A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) * It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) * A flaw was found in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10081) * It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053)
    last seen 2018-11-11
    modified 2018-11-10
    plugin id 102503
    published 2017-08-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102503
    title CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2017:2424)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-2175-1.NASL
    description This java-1_8_0-openjdk update to version jdk8u141 (icedtea 3.5.0) fixes the following issues: Security issues fixed : - CVE-2017-10053: Improved image post-processing steps (bsc#1049305) - CVE-2017-10067: Additional jar validation steps (bsc#1049306) - CVE-2017-10074: Image conversion improvements (bsc#1049307) - CVE-2017-10078: Better script accessibility for JavaScript (bsc#1049308) - CVE-2017-10081: Right parenthesis issue (bsc#1049309) - CVE-2017-10086: Unspecified vulnerability in subcomponent JavaFX (bsc#1049310) - CVE-2017-10087: Better Thread Pool execution (bsc#1049311) - CVE-2017-10089: Service Registration Lifecycle (bsc#1049312) - CVE-2017-10090: Better handling of channel groups (bsc#1049313) - CVE-2017-10096: Transform Transformer Exceptions (bsc#1049314) - CVE-2017-10101: Better reading of text catalogs (bsc#1049315) - CVE-2017-10102: Improved garbage collection (bsc#1049316) - CVE-2017-10105: Unspecified vulnerability in subcomponent deployment (bsc#1049317) - CVE-2017-10107: Less Active Activations (bsc#1049318) - CVE-2017-10108: Better naming attribution (bsc#1049319) - CVE-2017-10109: Better sourcing of code (bsc#1049320) - CVE-2017-10110: Better image fetching (bsc#1049321) - CVE-2017-10111: Rearrange MethodHandle arrangements (bsc#1049322) - CVE-2017-10114: Unspecified vulnerability in subcomponent JavaFX (bsc#1049323) - CVE-2017-10115: Higher quality DSA operations (bsc#1049324) - CVE-2017-10116: Proper directory lookup processing (bsc#1049325) - CVE-2017-10118: Higher quality ECDSA operations (bsc#1049326) - CVE-2017-10125: Unspecified vulnerability in subcomponent deployment (bsc#1049327) - CVE-2017-10135: Better handling of PKCS8 material (bsc#1049328) - CVE-2017-10176: Additional elliptic curve support (bsc#1049329) - CVE-2017-10193: Improve algorithm constraints implementation (bsc#1049330) - CVE-2017-10198: Clear certificate chain connections (bsc#1049331) - CVE-2017-10243: Unspecified vulnerability in subcomponent JAX-WS (bsc#1049332) Bug fixes : - Check registry registration location - Improved certificate processing - JMX diagnostic improvements - Update to libpng 1.6.28 - Import of OpenJDK 8 u141 build 15 (bsc#1049302) New features : - Support using RSAandMGF1 with the SHA hash algorithms in the PKCS11 provider Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-11-30
    plugin id 102541
    published 2017-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102541
    title SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2017:2175-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3366-1.NASL
    description It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. (CVE-2017-10053) It was discovered that the JAR verifier in OpenJDK did not properly handle archives containing files missing digests. An attacker could use this to modify the signed contents of a JAR file. (CVE-2017-10067) It was discovered that integer overflows existed in the Hotspot component of OpenJDK when generating range check loop predicates. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions and cause a denial of service or possibly execute arbitrary code. (CVE-2017-10074) It was discovered that the JavaScript Scripting component of OpenJDK incorrectly allowed access to Java APIs. An attacker could use this to specially craft JavaScript code to bypass access restrictions. (CVE-2017-10078) It was discovered that OpenJDK did not properly process parentheses in function signatures. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10081) It was discovered that the ThreadPoolExecutor class in OpenJDK did not properly perform access control checks when cleaning up threads. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions and possibly execute arbitrary code. (CVE-2017-10087) It was discovered that the ServiceRegistry implementation in OpenJDK did not perform access control checks in certain situations. An attacker could use this to specially construct an untrusted Java application or applet that escaped sandbox restrictions. (CVE-2017-10089) It was discovered that the channel groups implementation in OpenJDK did not properly perform access control checks in some situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10090) It was discovered that the DTM exception handling code in the JAXP component of OpenJDK did not properly perform access control checks. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10096) It was discovered that the JAXP component of OpenJDK incorrectly granted access to some internal resolvers. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10101) It was discovered that the Distributed Garbage Collector (DGC) in OpenJDK did not properly track references in some situations. A remote attacker could possibly use this to execute arbitrary code. (CVE-2017-10102) It was discovered that the Activation ID implementation in the RMI component of OpenJDK did not properly check access control permissions in some situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10107) It was discovered that the BasicAttribute class in OpenJDK did not properly bound memory allocation when de-serializing objects. An attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10108) It was discovered that the CodeSource class in OpenJDK did not properly bound memory allocations when de-serializing object instances. An attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10109) It was discovered that the AWT ImageWatched class in OpenJDK did not properly perform access control checks, An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions (CVE-2017-10110) Jackson Davis discovered that the LambdaFormEditor class in the Libraries component of OpenJDK did not correctly perform bounds checks in the permuteArgumentsForm() function. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions and possibly execute arbitrary code. (CVE-2017-10111) It was discovered that a timing side-channel vulnerability existed in the DSA implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10115) It was discovered that the LDAP implementation in OpenJDK incorrectly followed references to non-LDAP URLs. An attacker could use this to specially craft an LDAP referral URL that exposes sensitive information or bypass access restrictions. (CVE-2017-10116) It was discovered that a timing side-channel vulnerability existed in the ECDSA implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10118) Ilya Maykov discovered that a timing side-channel vulnerability existed in the PKCS#8 implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10135) It was discovered that the Elliptic Curve (EC) implementation in OpenJDK did not properly compute certain elliptic curve points. An attacker could use this to expose sensitive information. (CVE-2017-10176) It was discovered that OpenJDK did not properly restrict weak key sizes in some situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10193) It was discovered that OpenJDK did not properly enforce disabled algorithm restrictions on X.509 certificate chains. An attacker could use this to expose sensitive information or escape sandbox restrictions. (CVE-2017-10198) It was discovered that OpenJDK did not properly perform access control checks when handling Web Service Definition Language (WSDL) XML documents. An attacker could use this to expose sensitive information. (CVE-2017-10243). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-12-01
    plugin id 102014
    published 2017-07-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102014
    title Ubuntu 16.04 LTS / 17.04 : openjdk-8 vulnerabilities (USN-3366-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0005-1.NASL
    description This update for java-1_7_0-openjdk fixes the following issues: Security issues fixed : - CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084). - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO (bsc#1064071). - CVE-2017-10281: Fix issue inside subcomponent Serialization (bsc#1064072). - CVE-2017-10285: Fix issue inside subcomponent RMI (bsc#1064073). - CVE-2017-10295: Fix issue inside subcomponent Networking (bsc#1064075). - CVE-2017-10388: Fix issue inside subcomponent Libraries (bsc#1064086). - CVE-2017-10346: Fix issue inside subcomponent Hotspot (bsc#1064078). - CVE-2017-10350: Fix issue inside subcomponent JAX-WS (bsc#1064082). - CVE-2017-10347: Fix issue inside subcomponent Serialization (bsc#1064079). - CVE-2017-10349: Fix issue inside subcomponent JAXP (bsc#1064081). - CVE-2017-10345: Fix issue inside subcomponent Serialization (bsc#1064077). - CVE-2017-10348: Fix issue inside subcomponent Libraries (bsc#1064080). - CVE-2017-10357: Fix issue inside subcomponent Serialization (bsc#1064085). - CVE-2017-10355: Fix issue inside subcomponent Networking (bsc#1064083). - CVE-2017-10102: Fix incorrect handling of references in DGC (bsc#1049316). - CVE-2017-10053: Fix reading of unprocessed image data in JPEGImageReader (bsc#1049305). - CVE-2017-10067: Fix JAR verifier incorrect handling of missing digest (bsc#1049306). - CVE-2017-10081: Fix incorrect bracket processing in function signature handling (bsc#1049309). - CVE-2017-10087: Fix insufficient access control checks in ThreadPoolExecutor (bsc#1049311). - CVE-2017-10089: Fix insufficient access control checks in ServiceRegistry (bsc#1049312). - CVE-2017-10090: Fix insufficient access control checks in AsynchronousChannelGroupImpl (bsc#1049313). - CVE-2017-10096: Fix insufficient access control checks in XML transformations (bsc#1049314). - CVE-2017-10101: Fix unrestricted access to com.sun.org.apache.xml.internal.resolver (bsc#1049315). - CVE-2017-10107: Fix insufficient access control checks in ActivationID (bsc#1049318). - CVE-2017-10074: Fix integer overflows in range check loop predicates (bsc#1049307). - CVE-2017-10110: Fix insufficient access control checks in ImageWatched (bsc#1049321). - CVE-2017-10108: Fix unbounded memory allocation in BasicAttribute deserialization (bsc#1049319). - CVE-2017-10109: Fix unbounded memory allocation in CodeSource deserialization (bsc#1049320). - CVE-2017-10115: Fix unspecified vulnerability in subcomponent JCE (bsc#1049324). - CVE-2017-10118: Fix ECDSA implementation timing attack (bsc#1049326). - CVE-2017-10116: Fix LDAPCertStore following referrals to non-LDAP URL (bsc#1049325). - CVE-2017-10135: Fix PKCS#8 implementation timing attack (bsc#1049328). - CVE-2017-10176: Fix incorrect handling of certain EC points (bsc#1049329). - CVE-2017-10074: Fix integer overflows in range check loop predicates (bsc#1049307). - CVE-2017-10074: Fix integer overflows in range check loop predicates (bsc#1049307). - CVE-2017-10111: Fix checks in LambdaFormEditor (bsc#1049322). - CVE-2017-10243: Fix unspecified vulnerability in subcomponent JAX-WS (bsc#1049332). - CVE-2017-10125: Fix unspecified vulnerability in subcomponent deployment (bsc#1049327). - CVE-2017-10114: Fix unspecified vulnerability in subcomponent JavaFX (bsc#1049323). - CVE-2017-10105: Fix unspecified vulnerability in subcomponent deployment (bsc#1049317). - CVE-2017-10086: Fix unspecified in subcomponent JavaFX (bsc#1049310). - CVE-2017-10198: Fix incorrect enforcement of certificate path restrictions (bsc#1049331). - CVE-2017-10193: Fix incorrect key size constraint check (bsc#1049330). Bug fixes : - Drop Exec Shield workaround to fix crashes on recent kernels, where Exec Shield is gone (bsc#1052318). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-12-01
    plugin id 105538
    published 2018-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105538
    title SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2018:0005-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3366-2.NASL
    description USN-3366-1 fixed vulnerabilities in OpenJDK 8. Unfortunately, that update introduced a regression that caused some valid JAR files to fail validation. This update fixes the problem. We apologize for the inconvenience. It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. (CVE-2017-10053) It was discovered that the JAR verifier in OpenJDK did not properly handle archives containing files missing digests. An attacker could use this to modify the signed contents of a JAR file. (CVE-2017-10067) It was discovered that integer overflows existed in the Hotspot component of OpenJDK when generating range check loop predicates. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions and cause a denial of service or possibly execute arbitrary code. (CVE-2017-10074) It was discovered that the JavaScript Scripting component of OpenJDK incorrectly allowed access to Java APIs. An attacker could use this to specially craft JavaScript code to bypass access restrictions. (CVE-2017-10078) It was discovered that OpenJDK did not properly process parentheses in function signatures. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10081) It was discovered that the ThreadPoolExecutor class in OpenJDK did not properly perform access control checks when cleaning up threads. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions and possibly execute arbitrary code. (CVE-2017-10087) It was discovered that the ServiceRegistry implementation in OpenJDK did not perform access control checks in certain situations. An attacker could use this to specially construct an untrusted Java application or applet that escaped sandbox restrictions. (CVE-2017-10089) It was discovered that the channel groups implementation in OpenJDK did not properly perform access control checks in some situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10090) It was discovered that the DTM exception handling code in the JAXP component of OpenJDK did not properly perform access control checks. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10096) It was discovered that the JAXP component of OpenJDK incorrectly granted access to some internal resolvers. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10101) It was discovered that the Distributed Garbage Collector (DGC) in OpenJDK did not properly track references in some situations. A remote attacker could possibly use this to execute arbitrary code. (CVE-2017-10102) It was discovered that the Activation ID implementation in the RMI component of OpenJDK did not properly check access control permissions in some situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10107) It was discovered that the BasicAttribute class in OpenJDK did not properly bound memory allocation when de-serializing objects. An attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10108) It was discovered that the CodeSource class in OpenJDK did not properly bound memory allocations when de-serializing object instances. An attacker could use this to cause a denial of service (memory consumption). (CVE-2017-10109) It was discovered that the AWT ImageWatched class in OpenJDK did not properly perform access control checks, An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions (CVE-2017-10110) Jackson Davis discovered that the LambdaFormEditor class in the Libraries component of OpenJDK did not correctly perform bounds checks in the permuteArgumentsForm() function. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions and possibly execute arbitrary code. (CVE-2017-10111) It was discovered that a timing side-channel vulnerability existed in the DSA implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10115) It was discovered that the LDAP implementation in OpenJDK incorrectly followed references to non-LDAP URLs. An attacker could use this to specially craft an LDAP referral URL that exposes sensitive information or bypass access restrictions. (CVE-2017-10116) It was discovered that a timing side-channel vulnerability existed in the ECDSA implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10118) Ilya Maykov discovered that a timing side-channel vulnerability existed in the PKCS#8 implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2017-10135) It was discovered that the Elliptic Curve (EC) implementation in OpenJDK did not properly compute certain elliptic curve points. An attacker could use this to expose sensitive information. (CVE-2017-10176) It was discovered that OpenJDK did not properly restrict weak key sizes in some situations. An attacker could use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. (CVE-2017-10193) It was discovered that OpenJDK did not properly enforce disabled algorithm restrictions on X.509 certificate chains. An attacker could use this to expose sensitive information or escape sandbox restrictions. (CVE-2017-10198) It was discovered that OpenJDK did not properly perform access control checks when handling Web Service Definition Language (WSDL) XML documents. An attacker could use this to expose sensitive information. (CVE-2017-10243). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-12-02
    modified 2018-12-01
    plugin id 102092
    published 2017-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102092
    title Ubuntu 16.04 LTS / 17.04 : openjdk-8 regression (USN-3366-2)
redhat via4
advisories
  • rhsa
    id RHSA-2017:1789
  • rhsa
    id RHSA-2017:1790
  • rhsa
    id RHSA-2017:1791
  • rhsa
    id RHSA-2017:1792
  • rhsa
    id RHSA-2017:2424
  • rhsa
    id RHSA-2017:2469
  • rhsa
    id RHSA-2017:2481
  • rhsa
    id RHSA-2017:2530
  • rhsa
    id RHSA-2017:3453
rpms
  • java-1.8.0-openjdk-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-accessibility-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-accessibility-debug-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-debug-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-demo-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-demo-debug-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-devel-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-devel-debug-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-headless-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-headless-debug-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-javadoc-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-javadoc-debug-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-javadoc-zip-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-javadoc-zip-debug-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-src-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-src-debug-1:1.8.0.141-1.b16.el7_3
  • java-1.8.0-openjdk-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-debug-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-demo-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-demo-debug-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-devel-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-devel-debug-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-headless-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-headless-debug-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-javadoc-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-javadoc-debug-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-src-1:1.8.0.141-2.b16.el6_9
  • java-1.8.0-openjdk-src-debug-1:1.8.0.141-2.b16.el6_9
  • java-1.7.0-openjdk-1:1.7.0.151-2.6.11.0.el6_9
  • java-1.7.0-openjdk-demo-1:1.7.0.151-2.6.11.0.el6_9
  • java-1.7.0-openjdk-devel-1:1.7.0.151-2.6.11.0.el6_9
  • java-1.7.0-openjdk-javadoc-1:1.7.0.151-2.6.11.0.el6_9
  • java-1.7.0-openjdk-src-1:1.7.0.151-2.6.11.0.el6_9
  • java-1.7.0-openjdk-1:1.7.0.151-2.6.11.1.el7_4
  • java-1.7.0-openjdk-accessibility-1:1.7.0.151-2.6.11.1.el7_4
  • java-1.7.0-openjdk-demo-1:1.7.0.151-2.6.11.1.el7_4
  • java-1.7.0-openjdk-devel-1:1.7.0.151-2.6.11.1.el7_4
  • java-1.7.0-openjdk-headless-1:1.7.0.151-2.6.11.1.el7_4
  • java-1.7.0-openjdk-javadoc-1:1.7.0.151-2.6.11.1.el7_4
  • java-1.7.0-openjdk-src-1:1.7.0.151-2.6.11.1.el7_4
refmap via4
bid 99842
confirm
debian
  • DSA-3919
  • DSA-3954
gentoo GLSA-201709-22
sectrack 1038931
Last major update 08-08-2017 - 11:29
Published 08-08-2017 - 11:29
Last modified 16-05-2018 - 21:29
Back to Top