Executive Summary

Informations
NameMDVSA-2011:054First vendor Publication2011-03-27
VendorMandrivaLast vendor Modification2011-03-27
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple vulnerabilities has been identified and fixed in java-1.6.0-openjdk:

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader (CVE-2010-4351).

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves DNS cache poisoning by untrusted applets. (CVE-2010-4448)

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable (CVE-2010-4450).

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or clipboard access in Applets. (CVE-2010-4465)

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and backward jsrs. (CVE-2010-4469)

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to Features set on SchemaFactory not inherited by Validator. (CVE-2010-4470)

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text (CVE-2010-4471).

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the XML DSig Transform or C14N algorithm implementations. (CVE-2010-4472)

The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308 (CVE-2010-4476).

IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures for JAR files that (1) are partially signed or (2) signed by multiple entities, which allows remote attackers to trick users into executing code that appears to come from a trusted source (CVE-2011-0025).

The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of an inappropriate security descriptor. (CVE-2011-0706)

Additionally the java-1.5.0-gcj packages were not rebuilt with the shipped version on GCC for 2009.0 and Enterprise Server 5 which caused problems while building the java-1.6.0-openjdk updates, therefore rebuilt java-1.5.0-gcj packages are being provided with this advisory as well.

Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2011:054

CWE : Common Weakness Enumeration

idName
CWE-264Permissions, Privileges, and Access Controls
CWE-20Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:21749
 
Oval ID: oval:org.mitre.oval:def:21749
Title: RHSA-2011:0176: java-1.6.0-openjdk security update (Moderate)
Description: The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.
Family: unix Class: patch
Reference(s): RHSA-2011:0176-01
CESA-2011:0176
CVE-2010-3860
CVE-2010-4351
Version: 29
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): java-1.6.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22663
 
Oval ID: oval:org.mitre.oval:def:22663
Title: ELSA-2011:0176: java-1.6.0-openjdk security update (Moderate)
Description: The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.
Family: unix Class: patch
Reference(s): ELSA-2011:0176-01
CVE-2010-3860
CVE-2010-4351
Version: 10
Platform(s): Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19857
 
Oval ID: oval:org.mitre.oval:def:19857
Title: VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves "DNS cache poisoning by untrusted applets."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4448
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14045
 
Oval ID: oval:org.mitre.oval:def:14045
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves "DNS cache poisoning by untrusted applets."
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves "DNS cache poisoning by untrusted applets."
Family: windows Class: vulnerability
Reference(s): CVE-2010-4448
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Development Kit
Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12906
 
Oval ID: oval:org.mitre.oval:def:12906
Title: HP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves "DNS cache poisoning by untrusted applets."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4448
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19776
 
Oval ID: oval:org.mitre.oval:def:19776
Title: VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4450
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14135
 
Oval ID: oval:org.mitre.oval:def:14135
Title: DEPRECATED: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4450
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Development Kit
Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12420
 
Oval ID: oval:org.mitre.oval:def:12420
Title: HP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4450
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20580
 
Oval ID: oval:org.mitre.oval:def:20580
Title: VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or "clipboard access in Applets."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4465
Version: 4
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14034
 
Oval ID: oval:org.mitre.oval:def:14034
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or "clipboard access in Applets."
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or "clipboard access in Applets."
Family: windows Class: vulnerability
Reference(s): CVE-2010-4465
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Development Kit
Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12925
 
Oval ID: oval:org.mitre.oval:def:12925
Title: HP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or "clipboard access in Applets."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4465
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20543
 
Oval ID: oval:org.mitre.oval:def:20543
Title: VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and "backward jsrs."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4469
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13639
 
Oval ID: oval:org.mitre.oval:def:13639
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and "backward jsrs."
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and "backward jsrs."
Family: windows Class: vulnerability
Reference(s): CVE-2010-4469
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Development Kit
Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12833
 
Oval ID: oval:org.mitre.oval:def:12833
Title: HP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and "backward jsrs."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4469
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19986
 
Oval ID: oval:org.mitre.oval:def:19986
Title: VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to "Features set on SchemaFactory not inherited by Validator."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4470
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14076
 
Oval ID: oval:org.mitre.oval:def:14076
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to "Features set on SchemaFactory not inherited by Validator."
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to "Features set on SchemaFactory not inherited by Validator."
Family: windows Class: vulnerability
Reference(s): CVE-2010-4470
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Development Kit
Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12887
 
Oval ID: oval:org.mitre.oval:def:12887
Title: HP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to "Features set on SchemaFactory not inherited by Validator."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4470
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20243
 
Oval ID: oval:org.mitre.oval:def:20243
Title: VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4471
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14417
 
Oval ID: oval:org.mitre.oval:def:14417
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4471
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Development Kit
Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12089
 
Oval ID: oval:org.mitre.oval:def:12089
Title: HP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4471
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21931
 
Oval ID: oval:org.mitre.oval:def:21931
Title: RHSA-2011:0281: java-1.6.0-openjdk security update (Important)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations."
Family: unix Class: patch
Reference(s): RHSA-2011:0281-01
CVE-2010-4448
CVE-2010-4450
CVE-2010-4465
CVE-2010-4469
CVE-2010-4470
CVE-2010-4472
Version: 81
Platform(s): Red Hat Enterprise Linux 6
Product(s): java-1.6.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20565
 
Oval ID: oval:org.mitre.oval:def:20565
Title: VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4472
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14118
 
Oval ID: oval:org.mitre.oval:def:14118
Title: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations."
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations."
Family: windows Class: vulnerability
Reference(s): CVE-2010-4472
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Development Kit
Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12903
 
Oval ID: oval:org.mitre.oval:def:12903
Title: HP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations."
Family: unix Class: vulnerability
Reference(s): CVE-2010-4472
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22845
 
Oval ID: oval:org.mitre.oval:def:22845
Title: ELSA-2011:0281: java-1.6.0-openjdk security update (Important)
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the "XML DSig Transform or C14N algorithm implementations."
Family: unix Class: patch
Reference(s): ELSA-2011:0281-01
CVE-2010-4448
CVE-2010-4450
CVE-2010-4465
CVE-2010-4469
CVE-2010-4470
CVE-2010-4472
Version: 26
Platform(s): Oracle Linux 6
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21907
 
Oval ID: oval:org.mitre.oval:def:21907
Title: RHSA-2011:0292: java-1.4.2-ibm security update (Moderate)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): RHSA-2011:0292-01
CVE-2010-4476
Version: 4
Platform(s): Red Hat Enterprise Linux 5
Product(s): java-1.4.2-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21859
 
Oval ID: oval:org.mitre.oval:def:21859
Title: RHSA-2011:0282: java-1.6.0-sun security update (Critical)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): RHSA-2011:0282-01
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4451
CVE-2010-4452
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4466
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4475
CVE-2010-4476
Version: 250
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s): java-1.6.0-sun
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21809
 
Oval ID: oval:org.mitre.oval:def:21809
Title: RHSA-2011:0291: java-1.5.0-ibm security update (Moderate)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): RHSA-2011:0291-01
CVE-2010-4476
Version: 4
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s): java-1.5.0-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21713
 
Oval ID: oval:org.mitre.oval:def:21713
Title: RHSA-2011:0214: java-1.6.0-openjdk security update (Moderate)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): RHSA-2011:0214-01
CVE-2010-4476
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Product(s): java-1.6.0-openjdk
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21420
 
Oval ID: oval:org.mitre.oval:def:21420
Title: RHSA-2011:0336: tomcat5 security update (Important)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): RHSA-2011:0336-01
CESA-2011:0336
CVE-2010-4476
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): tomcat5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21273
 
Oval ID: oval:org.mitre.oval:def:21273
Title: RHSA-2011:0290: java-1.6.0-ibm security update (Moderate)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): RHSA-2011:0290-01
CVE-2010-4476
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
Product(s): java-1.6.0-ibm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20649
 
Oval ID: oval:org.mitre.oval:def:20649
Title: VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4476
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19493
 
Oval ID: oval:org.mitre.oval:def:19493
Title: HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4476
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14589
 
Oval ID: oval:org.mitre.oval:def:14589
Title: HP-UX Apache Running Tomcat Servlet Engine, Remote Information Disclosure, Authentication Bypass, Cross-Site Scripting (XSS), Unauthorized Access, Denial of Service (DoS)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4476
Version: 6
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14328
 
Oval ID: oval:org.mitre.oval:def:14328
Title: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4476
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Development Kit
Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12745
 
Oval ID: oval:org.mitre.oval:def:12745
Title: HP-UX Apache Web Server, Remote Information Disclosure, Cross-Site Scripting (XSS), Denial of Service (DoS)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4476
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12662
 
Oval ID: oval:org.mitre.oval:def:12662
Title: HP-UX Running Java, Remote Execution of Arbitrary Code, Disclosure of Information, and Other Vulnerabilities
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: vulnerability
Reference(s): CVE-2010-4476
Version: 7
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23615
 
Oval ID: oval:org.mitre.oval:def:23615
Title: ELSA-2011:0282: java-1.6.0-sun security update (Critical)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0282-01
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4451
CVE-2010-4452
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4466
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4475
CVE-2010-4476
Version: 78
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23595
 
Oval ID: oval:org.mitre.oval:def:23595
Title: ELSA-2011:0291: java-1.5.0-ibm security update (Moderate)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0291-01
CVE-2010-4476
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23406
 
Oval ID: oval:org.mitre.oval:def:23406
Title: ELSA-2011:0290: java-1.6.0-ibm security update (Moderate)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0290-01
CVE-2010-4476
Version: 3
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23319
 
Oval ID: oval:org.mitre.oval:def:23319
Title: ELSA-2011:0214: java-1.6.0-openjdk security update (Moderate)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0214-01
CVE-2010-4476
Version: 3
Platform(s): Oracle Linux 6
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22977
 
Oval ID: oval:org.mitre.oval:def:22977
Title: ELSA-2011:0336: tomcat5 security update (Important)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0336-01
CVE-2010-4476
Version: 3
Platform(s): Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22908
 
Oval ID: oval:org.mitre.oval:def:22908
Title: ELSA-2011:0291: java-1.5.0-ibm security update (Moderate)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0291-01
CVE-2010-4476
Version: 3
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22836
 
Oval ID: oval:org.mitre.oval:def:22836
Title: ELSA-2011:0290: java-1.6.0-ibm security update (Moderate)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0290-01
CVE-2010-4476
Version: 3
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22826
 
Oval ID: oval:org.mitre.oval:def:22826
Title: ELSA-2011:0292: java-1.4.2-ibm security update (Moderate)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0292-01
CVE-2010-4476
Version: 3
Platform(s): Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22673
 
Oval ID: oval:org.mitre.oval:def:22673
Title: ELSA-2011:0282: java-1.6.0-sun security update (Critical)
Description: The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0282-01
CVE-2010-4422
CVE-2010-4447
CVE-2010-4448
CVE-2010-4450
CVE-2010-4451
CVE-2010-4452
CVE-2010-4454
CVE-2010-4462
CVE-2010-4463
CVE-2010-4465
CVE-2010-4466
CVE-2010-4467
CVE-2010-4468
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4473
CVE-2010-4475
CVE-2010-4476
Version: 78
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:14117
 
Oval ID: oval:org.mitre.oval:def:14117
Title: The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descriptor."
Description: The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descriptor."
Family: windows Class: vulnerability
Reference(s): CVE-2011-0706
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Development Kit
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application18
Application3
Application51
Application81
Application30

OpenVAS Exploits

DateDescription
2012-07-30Name : CentOS Update for java CESA-2011:0176 centos5 x86_64
File : nvt/gb_CESA-2011_0176_java_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for java CESA-2011:0214 centos5 x86_64
File : nvt/gb_CESA-2011_0214_java_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for java CESA-2011:0281 centos5 x86_64
File : nvt/gb_CESA-2011_0281_java_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for tomcat5 CESA-2011:0336 centos5 x86_64
File : nvt/gb_CESA-2011_0336_tomcat5_centos5_x86_64.nasl
2012-06-06Name : RedHat Update for tomcat6 RHSA-2011:0335-01
File : nvt/gb_RHSA-2011_0335-01_tomcat6.nasl
2012-03-15Name : VMSA-2011-0013.2 VMware third party component updates for VMware vCenter Serv...
File : nvt/gb_VMSA-2011-0013.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201111-02 (sun-jre-bin sun-jdk emul-linux-x86-j...
File : nvt/glsa_201111_02.nasl
2011-10-21Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-14638
File : nvt/gb_fedora_2011_14638_java-1.6.0-openjdk_fc14.nasl
2011-08-29Name : Java for Mac OS X 10.5 Update 9
File : nvt/secpod_macosx_java_10_5_upd_9.nasl
2011-08-29Name : Java for Mac OS X 10.6 Update 4
File : nvt/secpod_macosx_java_10_6_upd_4.nasl
2011-08-12Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-9523
File : nvt/gb_fedora_2011_9523_java-1.6.0-openjdk_fc14.nasl
2011-08-09Name : CentOS Update for java CESA-2011:0176 centos5 i386
File : nvt/gb_CESA-2011_0176_java_centos5_i386.nasl
2011-08-09Name : CentOS Update for java CESA-2011:0214 centos5 i386
File : nvt/gb_CESA-2011_0214_java_centos5_i386.nasl
2011-08-09Name : CentOS Update for java CESA-2011:0281 centos5 i386
File : nvt/gb_CESA-2011_0281_java_centos5_i386.nasl
2011-08-09Name : CentOS Update for tomcat5 CESA-2011:0336 centos5 i386
File : nvt/gb_CESA-2011_0336_tomcat5_centos5_i386.nasl
2011-06-20Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-8003
File : nvt/gb_fedora_2011_8003_java-1.6.0-openjdk_fc14.nasl
2011-06-20Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-8020
File : nvt/gb_fedora_2011_8020_java-1.6.0-openjdk_fc13.nasl
2011-06-06Name : HP-UX Update for Java HPSBUX02685
File : nvt/gb_hp_ux_HPSBUX02685.nasl
2011-05-12Name : Debian Security Advisory DSA 2224-1 (openjdk-6)
File : nvt/deb_2224_1.nasl
2011-05-05Name : HP-UX Update for Apache Web Server HPSBUX02645
File : nvt/gb_hp_ux_HPSBUX02645.nasl
2011-04-01Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2011:054 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2011_054.nasl
2011-03-15Name : RedHat Update for tomcat5 RHSA-2011:0336-01
File : nvt/gb_RHSA-2011_0336-01_tomcat5.nasl
2011-03-07Name : Ubuntu Update for openjdk-6 vulnerabilities USN-1079-1
File : nvt/gb_ubuntu_USN_1079_1.nasl
2011-03-07Name : Debian Security Advisory DSA 2161-1 (openjdk-6)
File : nvt/deb_2161_1.nasl
2011-03-07Name : Debian Security Advisory DSA 2161-2 (openjdk-6)
File : nvt/deb_2161_2.nasl
2011-02-28Name : Oracle Java SE Code Execution Vulnerabilities (Windows)
File : nvt/secpod_oracle_java_mult_code_exec_vuln_win.nasl
2011-02-28Name : Oracle Java SE Multiple Unspecified Vulnerabilities (Windows)
File : nvt/secpod_oracle_java_mult_unspecified_vuln_win.nasl
2011-02-28Name : Oracle Java SE Multiple Unspecified Vulnerabilities (Windows)
File : nvt/secpod_oracle_java_mult_unspecified_vuln_win_feb11.nasl
2011-02-28Name : SuSE Update for java-1_6_0-sun SUSE-SA:2011:010
File : nvt/gb_suse_2011_010.nasl
2011-02-18Name : RedHat Update for java-1.6.0-openjdk RHSA-2011:0281-01
File : nvt/gb_RHSA-2011_0281-01_java-1.6.0-openjdk.nasl
2011-02-18Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-1631
File : nvt/gb_fedora_2011_1631_java-1.6.0-openjdk_fc13.nasl
2011-02-18Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-1645
File : nvt/gb_fedora_2011_1645_java-1.6.0-openjdk_fc14.nasl
2011-02-16Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-1231
File : nvt/gb_fedora_2011_1231_java-1.6.0-openjdk_fc13.nasl
2011-02-16Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-1263
File : nvt/gb_fedora_2011_1263_java-1.6.0-openjdk_fc14.nasl
2011-02-11Name : RedHat Update for java-1.6.0-openjdk RHSA-2011:0214-01
File : nvt/gb_RHSA-2011_0214-01_java-1.6.0-openjdk.nasl
2011-02-04Name : Ubuntu Update for openjdk-6, openjdk-6b18 vulnerabilities USN-1055-1
File : nvt/gb_ubuntu_USN_1055_1.nasl
2011-01-31Name : Ubuntu Update for openjdk-6, openjdk-6b18 vulnerability USN-1052-1
File : nvt/gb_ubuntu_USN_1052_1.nasl
2011-01-31Name : RedHat Update for java-1.6.0-openjdk RHSA-2011:0176-01
File : nvt/gb_RHSA-2011_0176-01_java-1.6.0-openjdk.nasl
2011-01-21Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-0500
File : nvt/gb_fedora_2011_0500_java-1.6.0-openjdk_fc13.nasl
2011-01-21Name : Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521
File : nvt/gb_fedora_2011_0521_java-1.6.0-openjdk_fc14.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
73765OpenJDK Runtime Environment IcedTea-Web JNLPClassLoader Multiple Signer Remot...
73764OpenJDK IcedTea JAR File Signature Verification Weakness
71622Oracle Java SE / Java for Business XML Digital Signature Unspecified Remote DoS
71621Oracle Java SE / Java for Business Networking Unspecified Remote DoS
71620Oracle Java SE / Java for Business Launcher Unspecified Local Issue
71616Oracle Java SE / Java for Business 2D Unspecified Remote Information Disclosure
71615Oracle Java SE / Java for Business JAXP Unspecified Remote DoS
71610Oracle Java SE / Java for Business Hotspot Unspecified Remote Compromise
71608Oracle Java SE / Java for Business Swing Clipboard Handle Arbitrary Command I...
70965Oracle Java SE / Java for Business Double.parseDouble Method Floating Point ...
70605OpenJDK IcedTea JNLP SecurityManager checkPermission Method Exception Bypass

Information Assurance Vulnerability Management (IAVM)

DateDescription
2012-05-03IAVM : 2012-B-0048 - Multiple Vulnerabilities in HP Systems Insight Manager
Severity : Category I - VMSKEY : V0032178
2011-12-15IAVM : 2011-A-0173 - Multiple Vulnerabilities in VMware ESX 4.0
Severity : Category I - VMSKEY : V0030824
2011-12-01IAVM : 2011-A-0160 - Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana...
Severity : Category I - VMSKEY : V0030769

Snort® IPS/IDS

DateDescription
2014-01-10Java floating point number denial of service - via POST
RuleID : 18471 - Revision : 7 - Type : SERVER-WEBAPP
2014-01-10Java floating point number denial of service - via URI
RuleID : 18470 - Revision : 8 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0335.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0336.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0176.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0214.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0281.nasl - Type : ACT_GATHER_INFO
2013-03-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1079-2.nasl - Type : ACT_GATHER_INFO
2013-03-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1079-3.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host contains a programming platform that is affected by mult...
File : oracle_java_cpu_feb_2011_unix.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0880.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110309_tomcat5_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110309_tomcat6_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110125_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110210_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110217_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110217_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-06-21Name : The remote database server is affected by multiple denial of service vulnerab...
File : db2_9fp11.nasl - Type : ACT_GATHER_INFO
2012-06-15Name : The remote Windows host contains software that is affected by multiple vulner...
File : hp_systems_insight_manager_700_multiple_vulns.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_6_0-ibm-7443.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_4_2-ibm-7440.nasl - Type : ACT_GATHER_INFO
2011-11-23Name : The remote database server is affected by multiple denial of service vulnerab...
File : db2_97fp5.nasl - Type : ACT_GATHER_INFO
2011-11-07Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201111-02.nasl - Type : ACT_GATHER_INFO
2011-10-28Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0013.nasl - Type : ACT_GATHER_INFO
2011-05-13Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_4_2-ibm-110504.nasl - Type : ACT_GATHER_INFO
2011-05-13Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12706.nasl - Type : ACT_GATHER_INFO
2011-05-06Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0490.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote SuSE system is missing a security patch for java-1_6_0-openjdk
File : suse_11_2_java-1_6_0-openjdk-110118.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote SuSE system is missing a security patch for java-1_6_0-openjdk
File : suse_11_2_java-1_6_0-openjdk-110204.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote SuSE system is missing a security patch for java-1_6_0-openjdk
File : suse_11_2_java-1_6_0-openjdk-110228.nasl - Type : ACT_GATHER_INFO
2011-05-05Name : The remote SuSE system is missing a security patch for java-1_6_0-sun
File : suse_11_2_java-1_6_0-sun-110217.nasl - Type : ACT_GATHER_INFO
2011-04-21Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2224.nasl - Type : ACT_GATHER_INFO
2011-04-15Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0176.nasl - Type : ACT_GATHER_INFO
2011-04-15Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0214.nasl - Type : ACT_GATHER_INFO
2011-04-15Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0281.nasl - Type : ACT_GATHER_INFO
2011-04-15Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0336.nasl - Type : ACT_GATHER_INFO
2011-04-01Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12691.nasl - Type : ACT_GATHER_INFO
2011-03-28Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-054.nasl - Type : ACT_GATHER_INFO
2011-03-22Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_6_0-ibm-7369.nasl - Type : ACT_GATHER_INFO
2011-03-22Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-110307.nasl - Type : ACT_GATHER_INFO
2011-03-21Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-7350.nasl - Type : ACT_GATHER_INFO
2011-03-18Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0364.nasl - Type : ACT_GATHER_INFO
2011-03-17Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12683.nasl - Type : ACT_GATHER_INFO
2011-03-17Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0357.nasl - Type : ACT_GATHER_INFO
2011-03-11Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_4_2-ibm-110223.nasl - Type : ACT_GATHER_INFO
2011-03-11Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12682.nasl - Type : ACT_GATHER_INFO
2011-03-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_4_2-ibm-7348.nasl - Type : ACT_GATHER_INFO
2011-03-10Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0335.nasl - Type : ACT_GATHER_INFO
2011-03-10Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0336.nasl - Type : ACT_GATHER_INFO
2011-03-09Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_5_update9.nasl - Type : ACT_GATHER_INFO
2011-03-09Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_6_update4.nasl - Type : ACT_GATHER_INFO
2011-03-02Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1079-1.nasl - Type : ACT_GATHER_INFO
2011-02-23Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_6_0-sun-7342.nasl - Type : ACT_GATHER_INFO
2011-02-23Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-sun-110217.nasl - Type : ACT_GATHER_INFO
2011-02-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0290.nasl - Type : ACT_GATHER_INFO
2011-02-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0291.nasl - Type : ACT_GATHER_INFO
2011-02-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0292.nasl - Type : ACT_GATHER_INFO
2011-02-18Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0281.nasl - Type : ACT_GATHER_INFO
2011-02-18Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0282.nasl - Type : ACT_GATHER_INFO
2011-02-17Name : The remote Fedora host is missing a security update.
File : fedora_2011-1631.nasl - Type : ACT_GATHER_INFO
2011-02-17Name : The remote Fedora host is missing a security update.
File : fedora_2011-1645.nasl - Type : ACT_GATHER_INFO
2011-02-16Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_java_cpu_feb_2011.nasl - Type : ACT_GATHER_INFO
2011-02-15Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2161.nasl - Type : ACT_GATHER_INFO
2011-02-14Name : The remote Fedora host is missing a security update.
File : fedora_2011-1231.nasl - Type : ACT_GATHER_INFO
2011-02-14Name : The remote Fedora host is missing a security update.
File : fedora_2011-1263.nasl - Type : ACT_GATHER_INFO
2011-02-11Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0214.nasl - Type : ACT_GATHER_INFO
2011-02-02Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1055-1.nasl - Type : ACT_GATHER_INFO
2011-01-27Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1052-1.nasl - Type : ACT_GATHER_INFO
2011-01-26Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0176.nasl - Type : ACT_GATHER_INFO
2011-01-20Name : The remote Fedora host is missing a security update.
File : fedora_2011-0500.nasl - Type : ACT_GATHER_INFO
2011-01-20Name : The remote Fedora host is missing a security update.
File : fedora_2011-0521.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2014-02-17 11:42:08
  • Multiple Updates