Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary | |
---|---|
Title | HP-UX Running Java, Remote Increase in Privilege, Denial of Service and Other |
Informations | |||
---|---|---|---|
Name | HPSBUX02503 SSRT100019 | First vendor Publication | 2010-02-08 |
Vendor | HP | Last vendor Modification | 2010-02-08 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer |
Original Source
Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01997760 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
56 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
22 % | CWE-399 | Resource Management Errors |
11 % | CWE-310 | Cryptographic Issues |
11 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10328 | |||
Oval ID: | oval:org.mitre.oval:def:10328 | ||
Title: | Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911. | ||
Description: | Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3876 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10469 | |||
Oval ID: | oval:org.mitre.oval:def:10469 | ||
Title: | Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911. | ||
Description: | Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3877 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10741 | |||
Oval ID: | oval:org.mitre.oval:def:10741 | ||
Title: | Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357. | ||
Description: | Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3869 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11566 | |||
Oval ID: | oval:org.mitre.oval:def:11566 | ||
Title: | Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643. | ||
Description: | Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3874 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11847 | |||
Oval ID: | oval:org.mitre.oval:def:11847 | ||
Title: | The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503. | ||
Description: | The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3875 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22972 | |||
Oval ID: | oval:org.mitre.oval:def:22972 | ||
Title: | ELSA-2009:1643: java-1.4.2-ibm security update (Critical) | ||
Description: | Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1643-01 CVE-2009-3867 CVE-2009-3868 CVE-2009-3869 CVE-2009-3871 CVE-2009-3872 CVE-2009-3873 CVE-2009-3874 CVE-2009-3875 CVE-2009-3876 CVE-2009-3877 | Version: | 45 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.4.2-ibm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6698 | |||
Oval ID: | oval:org.mitre.oval:def:6698 | ||
Title: | OpenJDK JRE AWT setBytePixels Heap Overflow Vulnerability | ||
Description: | Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3871 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6746 | |||
Oval ID: | oval:org.mitre.oval:def:6746 | ||
Title: | Sun Java Stack-based Buffer Overflow via a Long File: URL Argument | ||
Description: | Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3867 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6786 | |||
Oval ID: | oval:org.mitre.oval:def:6786 | ||
Title: | Sun Java Privilege Escalation via Crafted Image File Due Improper Color Profiles Parsing | ||
Description: | Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3868 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6805 | |||
Oval ID: | oval:org.mitre.oval:def:6805 | ||
Title: | OpenJDK ASN.1/DER Input Stream Parser Denial of Service via Crafted DER Encoded Data | ||
Description: | Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3876 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6963 | |||
Oval ID: | oval:org.mitre.oval:def:6963 | ||
Title: | JRE JPEG JFIF Decoder Vulnerability | ||
Description: | Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3872 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6970 | |||
Oval ID: | oval:org.mitre.oval:def:6970 | ||
Title: | OpenJDK JPEG Image Writer quantization problem | ||
Description: | The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3873 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7148 | |||
Oval ID: | oval:org.mitre.oval:def:7148 | ||
Title: | OpenJDK ASN.1/DER Input Stream Parser Denial of Service via Crafted HTTP Headers | ||
Description: | Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3877 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7400 | |||
Oval ID: | oval:org.mitre.oval:def:7400 | ||
Title: | OpenJDK JRE AWT setDifflCM Stack Overflow Vulnerability | ||
Description: | Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3869 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7442 | |||
Oval ID: | oval:org.mitre.oval:def:7442 | ||
Title: | OpenJDK ImageI/O JPEG Heap Overflow Vulnerability | ||
Description: | Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3874 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7549 | |||
Oval ID: | oval:org.mitre.oval:def:7549 | ||
Title: | OpenJDK MessageDigest.isEqual Introduces Timing Attack Vulnerabilities | ||
Description: | The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3875 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9360 | |||
Oval ID: | oval:org.mitre.oval:def:9360 | ||
Title: | Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358. | ||
Description: | Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3871 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9602 | |||
Oval ID: | oval:org.mitre.oval:def:9602 | ||
Title: | The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968. | ||
Description: | The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3873 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow | More info here |
Java Runtime Environment AWT setDiffICM buffer overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2010-09-20 | Sun Java JRE AWT setDiffICM Buffer Overflow |
2010-09-20 | Sun Java JRE getSoundbank file:// URI Buffer Overflow |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for java CESA-2009:1584 centos5 i386 File : nvt/gb_CESA-2009_1584_java_centos5_i386.nasl |
2010-05-28 | Name : Java for Mac OS X 10.6 Update 1 File : nvt/macosx_java_for_10_6_upd_1.nasl |
2010-05-28 | Name : Java for Mac OS X 10.5 Update 6 File : nvt/macosx_java_for_10_5_upd_6.nasl |
2010-04-30 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2010_084.nasl |
2010-03-02 | Name : Mandriva Update for x11-driver-video-ati MDVA-2010:084 (x11-driver-video-ati) File : nvt/gb_mandriva_MDVA_2010_084.nasl |
2010-02-15 | Name : HP-UX Update for Java HPSBUX02503 File : nvt/gb_hp_ux_HPSBUX02503.nasl |
2009-12-30 | Name : RedHat Security Advisory RHSA-2009:1694 File : nvt/RHSA_2009_1694.nasl |
2009-12-14 | Name : RedHat Security Advisory RHSA-2009:1643 File : nvt/RHSA_2009_1643.nasl |
2009-12-14 | Name : RedHat Security Advisory RHSA-2009:1647 File : nvt/RHSA_2009_1647.nasl |
2009-11-23 | Name : SuSE Security Advisory SUSE-SA:2009:058 (java-1_6_0-sun) File : nvt/suse_sa_2009_058.nasl |
2009-11-23 | Name : CentOS Security Advisory CESA-2009:1584 (java-1.6.0-openjdk) File : nvt/ovcesa2009_1584.nasl |
2009-11-17 | Name : Fedora Core 10 FEDORA-2009-11490 (java-1.6.0-openjdk) File : nvt/fcore_2009_11490.nasl |
2009-11-17 | Name : Fedora Core 12 FEDORA-2009-11489 (java-1.6.0-openjdk) File : nvt/fcore_2009_11489.nasl |
2009-11-17 | Name : Fedora Core 11 FEDORA-2009-11486 (java-1.6.0-openjdk) File : nvt/fcore_2009_11486.nasl |
2009-11-17 | Name : RedHat Security Advisory RHSA-2009:1584 File : nvt/RHSA_2009_1584.nasl |
2009-11-17 | Name : RedHat Security Advisory RHSA-2009:1571 File : nvt/RHSA_2009_1571.nasl |
2009-11-13 | Name : Sun Java JDK/JRE Multiple Vulnerabilities - Nov09 (Linux) File : nvt/gb_sun_java_jre_mult_vuln_nov09_lin.nasl |
2009-11-13 | Name : Sun Java JDK/JRE Multiple Vulnerabilities - Nov09 (Win) File : nvt/gb_sun_java_jre_mult_vuln_nov09_win.nasl |
2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1560 File : nvt/RHSA_2009_1560.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
59714 | Sun Java JDK / JRE JPEG Image Writer Unspecified Overflow (6862968) |
59713 | Sun Java JDK / JRE JPEG JFIF Decoder Unspecified Overflow (6862969) |
59712 | Sun Java JDK / JRE Color Profile Handling Unspecified Overflow (6862970) |
59711 | Sun Java JDK / JRE HsbParser.getSoundBank Function file:// URI Parsing Overflow |
59710 | Sun Java JDK / JRE AWT setDifflCM Library Function Overflow |
59709 | Sun Java JDK / JRE AWT setBytePixels Library Function Overflow |
59708 | Sun Java JDK / JRE JPEGImageReader Subsample Dimension Handling Overflow |
59707 | Sun Java JDK / JRE MessageDigest.isEqual Function HMAC Digest Signature Forge... |
59706 | Sun Java JDK / JRE HTTP Header Parsing Unspecified Memory Exhaustion DoS |
59705 | Sun Java JDK / JRE DER Encoded Data Decoding Unspecified Memory Exhaustion DoS |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Phoenix exploit kit post-compromise behavior RuleID : 21860 - Revision : 5 - Type : MALWARE-CNC |
2014-01-10 | Phoenix exploit kit landing page RuleID : 21640 - Revision : 6 - Type : EXPLOIT-KIT |
2014-01-10 | Oracle Java getSoundBank overflow Attempt malicious jar file RuleID : 20858 - Revision : 8 - Type : FILE-JAVA |
2014-01-10 | Oracle Java runtime JPEGImageReader overflow attempt RuleID : 20055 - Revision : 11 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt RuleID : 19926 - Revision : 10 - Type : FILE-JAVA |
2014-01-10 | Oracle Java HsbParser.getSoundBank stack buffer overflow attempt RuleID : 17776 - Revision : 11 - Type : FILE-JAVA |
2014-01-10 | Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt RuleID : 16288 - Revision : 11 - Type : FILE-JAVA |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0002_remote.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1584.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1584.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a runtime environment that is affected by multi... File : sun_java_jre_269868_unix.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091109_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2011-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1662.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-6741.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-6755.nasl - Type : ACT_GATHER_INFO |
2010-04-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-084.nasl - Type : ACT_GATHER_INFO |
2010-03-31 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0002.nasl - Type : ACT_GATHER_INFO |
2010-01-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0043.nasl - Type : ACT_GATHER_INFO |
2010-01-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-100105.nasl - Type : ACT_GATHER_INFO |
2010-01-12 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-6757.nasl - Type : ACT_GATHER_INFO |
2010-01-12 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-100105.nasl - Type : ACT_GATHER_INFO |
2010-01-12 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12565.nasl - Type : ACT_GATHER_INFO |
2010-01-08 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-6740.nasl - Type : ACT_GATHER_INFO |
2009-12-27 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12564.nasl - Type : ACT_GATHER_INFO |
2009-12-27 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1694.nasl - Type : ACT_GATHER_INFO |
2009-12-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1647.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1643.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_5_update6.nasl - Type : ACT_GATHER_INFO |
2009-12-04 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update1.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_6_0-openjdk-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_6_0-openjdk-091125.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_java-1_6_0-openjdk-091127.nasl - Type : ACT_GATHER_INFO |
2009-11-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO |
2009-11-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO |
2009-11-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO |
2009-11-19 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-sun-091113.nasl - Type : ACT_GATHER_INFO |
2009-11-18 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200911-02.nasl - Type : ACT_GATHER_INFO |
2009-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1584.nasl - Type : ACT_GATHER_INFO |
2009-11-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11489.nasl - Type : ACT_GATHER_INFO |
2009-11-16 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-859-1.nasl - Type : ACT_GATHER_INFO |
2009-11-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11490.nasl - Type : ACT_GATHER_INFO |
2009-11-16 | Name : The remote Fedora host is missing a security update. File : fedora_2009-11486.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1571.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_java-1_5_0-sun-091109.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_java-1_5_0-sun-091109.nasl - Type : ACT_GATHER_INFO |
2009-11-10 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1560.nasl - Type : ACT_GATHER_INFO |
2009-11-04 | Name : The remote Windows host contains a runtime environment that is affected by mu... File : sun_java_jre_269868.nasl - Type : ACT_GATHER_INFO |