oval:org.mitre.oval:def:13836
Definition Id: oval:org.mitre.oval:def:13836 | |||
Oval ID: | oval:org.mitre.oval:def:13836 | ||
Title: | USN-814-1 -- openjdk-6 vulnerabilities | ||
Description: | It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. It was discovered that certain variables could leak information. If a user were tricked into running a malicious Java applet, a remote attacker could exploit this gain access to private information and potentially run untrusted code. A flaw was discovered the OpenType checking. If a user were tricked into running a malicious Java applet, a remote attacker could bypass access restrictions. It was discovered that the XML processor did not correctly check recursion. If a user or automated system were tricked into processing a specially crafted XML, the system could crash, leading to a denial of service. It was discovered that the Java audio subsystem did not correctly validate certain parameters. If a user were tricked into running an untrusted applet, a remote attacker could read system properties. Multiple flaws were discovered in the proxy subsystem. If a user were tricked into running an untrusted applet, a remote attacker could discover local user names, obtain access to sensitive information, or bypass socket restrictions, leading to a loss of privacy. Flaws were discovered in the handling of JPEG images, Unpack200 archives, and JDK13Services. If a user were tricked into running an untrusted applet, a remote attacker could load a specially crafted file that would bypass local file access protections and run arbitrary code with user privileges | ||
Family: | unix | Class: | patch |
Reference(s): | USN-814-1 CVE-2009-0217 CVE-2009-1896 CVE-2009-2475 CVE-2009-2690 CVE-2009-2476 CVE-2009-2625 CVE-2009-2670 CVE-2009-2671 CVE-2009-2672 CVE-2009-2673 CVE-2009-2674 CVE-2009-2675 CVE-2009-2676 CVE-2009-2689 | Version: | 5 |
Platform(s): | Ubuntu 8.10 Ubuntu 9.04 | Product(s): | openjdk-6 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13306 | |||
Oval ID: | oval:org.mitre.oval:def:13306 | ||
Title: | Ubuntu 8.10 is installed | ||
Description: | Ubuntu 8.10 is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:ubuntu:ubuntu_linux:8.10 | Version: | 3 |
Platform(s): | Ubuntu 8.10 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:13836 |
Definition Id: oval:org.mitre.oval:def:12669 | |||
Oval ID: | oval:org.mitre.oval:def:12669 | ||
Title: | Ubuntu 9.04 is installed | ||
Description: | Ubuntu 9.04 is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:canonical:ubuntu_linux:9.04 | Version: | 5 |
Platform(s): | Ubuntu 9.04 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:13836 |