Executive Summary
Summary | |
---|---|
Title | OpenJDK 7 regression |
Informations | |||
---|---|---|---|
Name | USN-2319-2 | First vendor Publication | 2014-08-26 |
Vendor | Ubuntu | Last vendor Modification | 2014-08-26 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: USN-2319-1 introduced a regression in OpenJDK 7. Software Description: - openjdk-7: Open Source Java implementation Details: USN-2319-1 fixed vulnerabilities in OpenJDK 7. Due to an upstream regression, verifying of the init method call would fail when it was done from inside a branch when stack frames are activated. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to Several vulnerabilities were discovered in the OpenJDK JRE related to Two vulnerabilities were discovered in the OpenJDK JRE related to data A vulnerability was discovered in the OpenJDK JRE related to availability. Several vulnerabilities were discovered in the OpenJDK JRE related to Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: After a standard system update you need to restart any Java applications to make all the necessary changes. References: Package Information: |
Original Source
Url : http://www.ubuntu.com/usn/USN-2319-2 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:24440 | |||
Oval ID: | oval:org.mitre.oval:def:24440 | ||
Title: | RHSA-2014:0889: java-1.7.0-openjdk security update (Critical) | ||
Description: | The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-4216, CVE-2014-4219) A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. (CVE-2014-2490) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-4223, CVE-2014-4262, CVE-2014-2483) Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266) It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. (CVE-2014-4244) The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. (CVE-2014-4263) The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0889-00 CESA-2014:0889 CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 CentOS Linux 6 CentOS Linux 7 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24614 | |||
Oval ID: | oval:org.mitre.oval:def:24614 | ||
Title: | DEPRECATED: RHSA-2014:0889: java-1.7.0-openjdk security update (Critical) | ||
Description: | The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-4216, CVE-2014-4219) A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. (CVE-2014-2490) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-4223, CVE-2014-4262, CVE-2014-2483) Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266) It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. (CVE-2014-4244) The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. (CVE-2014-4263) The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0889-00 CESA-2014:0889 CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 CentOS Linux 6 CentOS Linux 7 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24694 | |||
Oval ID: | oval:org.mitre.oval:def:24694 | ||
Title: | DSA-2980-1 -- openjdk-6 - security update | ||
Description: | Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the executionof arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2980-1 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266 CVE-2014-4268 | Version: | 5 |
Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | openjdk-6 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24806 | |||
Oval ID: | oval:org.mitre.oval:def:24806 | ||
Title: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4262) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4262 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24827 | |||
Oval ID: | oval:org.mitre.oval:def:24827 | ||
Title: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality (CVE-2014-4268) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4268 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24828 | |||
Oval ID: | oval:org.mitre.oval:def:24828 | ||
Title: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity (CVE-2014-4218) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4218 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24873 | |||
Oval ID: | oval:org.mitre.oval:def:24873 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (CVE-2014-4223) | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-2483. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4223 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24964 | |||
Oval ID: | oval:org.mitre.oval:def:24964 | ||
Title: | DEPRECATED: RHSA-2014:0890: java-1.7.0-openjdk security update (Important) | ||
Description: | The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-4216, CVE-2014-4219) A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. (CVE-2014-2490) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-4223, CVE-2014-4262, CVE-2014-2483) Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266) It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. (CVE-2014-4244) The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. (CVE-2014-4263) The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0890-00 CESA-2014:0890 CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:24985 | |||
Oval ID: | oval:org.mitre.oval:def:24985 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (CVE-2014-2483) | ||
Description: | Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-2483 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25066 | |||
Oval ID: | oval:org.mitre.oval:def:25066 | ||
Title: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity (CVE-2014-4263) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4263 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25092 | |||
Oval ID: | oval:org.mitre.oval:def:25092 | ||
Title: | Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4219) | ||
Description: | Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4219 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25136 | |||
Oval ID: | oval:org.mitre.oval:def:25136 | ||
Title: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity (CVE-2014-4209) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4209 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25154 | |||
Oval ID: | oval:org.mitre.oval:def:25154 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability | ||
Description: | Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-2490 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25160 | |||
Oval ID: | oval:org.mitre.oval:def:25160 | ||
Title: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability (CVE-2014-4216) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4216 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25202 | |||
Oval ID: | oval:org.mitre.oval:def:25202 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity (CVE-2014-4266) | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4266 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25216 | |||
Oval ID: | oval:org.mitre.oval:def:25216 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect availability (CVE-2014-4264) | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect availability via unknown vectors related to Security. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4264 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25224 | |||
Oval ID: | oval:org.mitre.oval:def:25224 | ||
Title: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity (CVE-2014-4244) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4244 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25249 | |||
Oval ID: | oval:org.mitre.oval:def:25249 | ||
Title: | RHSA-2014:0890: java-1.7.0-openjdk security update (Important) | ||
Description: | The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-4216, CVE-2014-4219) A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. (CVE-2014-2490) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-4223, CVE-2014-4262, CVE-2014-2483) Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266) It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. (CVE-2014-4244) The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. (CVE-2014-4263) The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0890-00 CESA-2014:0890 CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25273 | |||
Oval ID: | oval:org.mitre.oval:def:25273 | ||
Title: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality (CVE-2014-4252) | ||
Description: | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4252 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25281 | |||
Oval ID: | oval:org.mitre.oval:def:25281 | ||
Title: | Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality (CVE-2014-4221) | ||
Description: | Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-4221 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment Java Development Kit |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25312 | |||
Oval ID: | oval:org.mitre.oval:def:25312 | ||
Title: | RHSA-2014:0902: java-1.7.0-oracle security update (Critical) | ||
Description: | Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2014-4219, CVE-2014-2490, CVE-2014-4216, CVE-2014-4223, CVE-2014-4262, CVE-2014-2483, CVE-2014-4209, CVE-2014-4218, CVE-2014-4252, CVE-2014-4266, CVE-2014-4221, CVE-2014-4244, CVE-2014-4263, CVE-2014-4227, CVE-2014-4265, CVE-2014-4220, CVE-2014-4208, CVE-2014-4264) The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security. Note: The way in which the Oracle Java SE packages are delivered has changed. They now reside in a separate channel/repository that requires action from the user to perform prior to getting updated packages. For information on subscribing to the new channel/repository please refer to: https://access.redhat.com/solutions/732883 All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 65 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0902-00 CVE-2014-2483 CVE-2014-2490 CVE-2014-4208 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220 CVE-2014-4221 CVE-2014-4223 CVE-2014-4227 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4265 CVE-2014-4266 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 | Product(s): | java-1.7.0-oracle |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25358 | |||
Oval ID: | oval:org.mitre.oval:def:25358 | ||
Title: | RHSA-2014:0907: java-1.6.0-openjdk security and bug fix update (Important) | ||
Description: | The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-4216, CVE-2014-4219) A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. (CVE-2014-2490) An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2014-4262) Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-4209, CVE-2014-4218, CVE-2014-4252, CVE-2014-4266) It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. (CVE-2014-4244) The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. (CVE-2014-4263) The CVE-2014-4262 issue was discovered by Florian Weimer of Red Hat Product Security. This update also fixes the following bug: * Prior to this update, an application accessing an unsynchronized HashMap could potentially enter an infinite loop and consume an excessive amount of CPU resources. This update resolves this issue. (BZ#1115580) All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:0907-00 CESA-2014:0907 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 CentOS Linux 5 CentOS Linux 6 CentOS Linux 7 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25648 | |||
Oval ID: | oval:org.mitre.oval:def:25648 | ||
Title: | DSA-2987-1 -- openjdk-7 - security update | ||
Description: | Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2987-1 CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4266 CVE-2014-4268 | Version: | 5 |
Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | openjdk-7 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26067 | |||
Oval ID: | oval:org.mitre.oval:def:26067 | ||
Title: | USN-2319-3 -- openjdk-7 update | ||
Description: | This update provides stability updates for OpenJDK 7. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2319-3 CVE-2014-2483 CVE-2014-2490 CVE-2014-4216 CVE-2014-4219 CVE-2014-4223 CVE-2014-4262 CVE-2014-4209 CVE-2014-4244 CVE-2014-4263 CVE-2014-4218 CVE-2014-4266 CVE-2014-4264 CVE-2014-4221 CVE-2014-4252 CVE-2014-4268 | Version: | 3 |
Platform(s): | Ubuntu 14.04 | Product(s): | openjdk-7 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26198 | |||
Oval ID: | oval:org.mitre.oval:def:26198 | ||
Title: | USN-2319-2 -- openjdk-7 regression | ||
Description: | USN-2319-1 introduced a regression in OpenJDK 7. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2319-2 CVE-2014-2483 CVE-2014-2490 CVE-2014-4216 CVE-2014-4219 CVE-2014-4223 CVE-2014-4262 CVE-2014-4209 CVE-2014-4244 CVE-2014-4263 CVE-2014-4218 CVE-2014-4266 CVE-2014-4264 CVE-2014-4221 CVE-2014-4252 CVE-2014-4268 | Version: | 3 |
Platform(s): | Ubuntu 14.04 | Product(s): | openjdk-7 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26513 | |||
Oval ID: | oval:org.mitre.oval:def:26513 | ||
Title: | USN-2319-1 -- openjdk-7 vulnerabilities | ||
Description: | Several security issues were fixed in OpenJDK 7. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-2319-1 CVE-2014-2483 CVE-2014-2490 CVE-2014-4216 CVE-2014-4219 CVE-2014-4223 CVE-2014-4262 CVE-2014-4209 CVE-2014-4244 CVE-2014-4263 CVE-2014-4218 CVE-2014-4266 CVE-2014-4264 CVE-2014-4221 CVE-2014-4252 CVE-2014-4268 | Version: | 3 |
Platform(s): | Ubuntu 14.04 | Product(s): | openjdk-7 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26557 | |||
Oval ID: | oval:org.mitre.oval:def:26557 | ||
Title: | SUSE-SU-2014:1055-1 -- Security update for IBM Java | ||
Description: | java-1_6_0-ibm has been updated to fix several security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1055-1 CVE-2014-4227 CVE-2014-4262 CVE-2014-4219 CVE-2014-4209 CVE-2014-4268 CVE-2014-4218 CVE-2014-4252 CVE-2014-4265 CVE-2014-4263 CVE-2014-4244 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | IBM Java |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26967 | |||
Oval ID: | oval:org.mitre.oval:def:26967 | ||
Title: | DEPRECATED: SUSE-SU-2014:1055-1 -- Security update for IBM Java | ||
Description: | java-1_6_0-ibm has been updated to fix several security issues. | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1055-1 CVE-2014-4227 CVE-2014-4262 CVE-2014-4219 CVE-2014-4209 CVE-2014-4268 CVE-2014-4218 CVE-2014-4252 CVE-2014-4265 CVE-2014-4263 CVE-2014-4244 | Version: | 4 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | IBM Java |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26995 | |||
Oval ID: | oval:org.mitre.oval:def:26995 | ||
Title: | ELSA-2014-0890 -- java-1.7.0-openjdk security update (important) | ||
Description: | [1.7.0.65-2.5.1.2.0.1.el5_10] - Add oracle-enterprise.patch - Fix DISTRO_NAME to 'Enterprise Linux' [1.7.0.65-2.5.1.2] - added and applied fix for samrtcard io patch405, pr1864_smartcardIO.patch - Resolves: rhbz#1115872 [1.7.0.65-2.5.1.1.el5] - updated to security patched icedtea7-forest 2.5.1 - Resolves: rhbz#1115872 [1.7.0.60-2.5.0.1.el5] - update to icedtea7-forest 2.5.0 (rh1114937) - Resolves: rhbz#1115872 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2014-0890 CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266 | Version: | 5 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28409 | |||
Oval ID: | oval:org.mitre.oval:def:28409 | ||
Title: | DSA-2987-2 -- openjdk-7 regression update | ||
Description: | Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2987-2 CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4266 CVE-2014-4268 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | openjdk-7 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 | |
Application | 4 | |
Application | 2 | |
Application | 1 | |
Os | 1 | |
Os | 2 | |
Os | 3 |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-01-22 | IAVM : 2015-B-0007 - Multiple Vulnerabilities in Juniper Secure Analytics (JSA) and Security Threa... Severity : Category I - VMSKEY : V0058213 |
2014-07-17 | IAVM : 2014-A-0105 - Multiple Vulnerabilities in Oracle Java Severity : Category I - VMSKEY : V0053191 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-07-23 | Oracle Java AtomicReferenceFieldUpdater remote code execution attempt RuleID : 50460 - Revision : 1 - Type : FILE-JAVA |
2019-07-23 | Oracle Java AtomicReferenceFieldUpdater remote code execution attempt RuleID : 50459 - Revision : 1 - Type : FILE-JAVA |
2016-03-22 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 37805 - Revision : 3 - Type : FILE-JAVA |
2016-03-22 | Oracle Java IntegerInterleavedRaster integer overflow attempt RuleID : 37804 - Revision : 4 - Type : FILE-JAVA |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-96.nasl - Type : ACT_GATHER_INFO |
2015-03-12 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : ibm_rational_clearquest_8_0_1_6.nasl - Type : ACT_GATHER_INFO |
2015-02-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2015-0264.nasl - Type : ACT_GATHER_INFO |
2015-02-16 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201502-12.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10659.nasl - Type : ACT_GATHER_INFO |
2014-12-16 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-773.nasl - Type : ACT_GATHER_INFO |
2014-12-16 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-772.nasl - Type : ACT_GATHER_INFO |
2014-12-12 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2014-0012.nasl - Type : ACT_GATHER_INFO |
2014-12-12 | Name : The remote host has an update manager installed that is affected by multiple ... File : vmware_vcenter_update_mgr_vmsa-2014-0012.nasl - Type : ACT_GATHER_INFO |
2014-11-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0908.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0902.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-387.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-383.nasl - Type : ACT_GATHER_INFO |
2014-09-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2319-3.nasl - Type : ACT_GATHER_INFO |
2014-08-29 | Name : The remote application server may be affected by multiple vulnerabilities. File : websphere_8_5_5_3.nasl - Type : ACT_GATHER_INFO |
2014-08-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2319-2.nasl - Type : ACT_GATHER_INFO |
2014-08-22 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-140815.nasl - Type : ACT_GATHER_INFO |
2014-08-22 | Name : The remote AIX host has a version of Java SDK installed that is affected by m... File : aix_java_jul2014_advisory.nasl - Type : ACT_GATHER_INFO |
2014-08-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2319-1.nasl - Type : ACT_GATHER_INFO |
2014-08-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-140815.nasl - Type : ACT_GATHER_INFO |
2014-08-20 | Name : A web application on the remote host is affected by multiple vulnerabilities. File : puppet_enterprise_331.nasl - Type : ACT_GATHER_INFO |
2014-08-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2312-1.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1042.nasl - Type : ACT_GATHER_INFO |
2014-08-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1041.nasl - Type : ACT_GATHER_INFO |
2014-08-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1036.nasl - Type : ACT_GATHER_INFO |
2014-08-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1033.nasl - Type : ACT_GATHER_INFO |
2014-08-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-openjdk-140721.nasl - Type : ACT_GATHER_INFO |
2014-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-141.nasl - Type : ACT_GATHER_INFO |
2014-07-29 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_jrockit_cpu_jul_2014.nasl - Type : ACT_GATHER_INFO |
2014-07-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2987.nasl - Type : ACT_GATHER_INFO |
2014-07-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2980.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0907.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0907.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0907.nasl - Type : ACT_GATHER_INFO |
2014-07-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140721_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140716_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140716_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0890.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0889.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0890.nasl - Type : ACT_GATHER_INFO |
2014-07-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0889.nasl - Type : ACT_GATHER_INFO |
2014-07-16 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_jul_2014.nasl - Type : ACT_GATHER_INFO |
2014-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0890.nasl - Type : ACT_GATHER_INFO |
2014-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0889.nasl - Type : ACT_GATHER_INFO |
2014-07-16 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_jul_2014_unix.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-08-27 13:24:37 |
|
2014-08-26 05:22:45 |
|