oval:org.mitre.oval:def:13836

Definition Id: oval:org.mitre.oval:def:13836
 
Oval ID: oval:org.mitre.oval:def:13836
Title: USN-814-1 -- openjdk-6 vulnerabilities
Description: It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. It was discovered that certain variables could leak information. If a user were tricked into running a malicious Java applet, a remote attacker could exploit this gain access to private information and potentially run untrusted code. A flaw was discovered the OpenType checking. If a user were tricked into running a malicious Java applet, a remote attacker could bypass access restrictions. It was discovered that the XML processor did not correctly check recursion. If a user or automated system were tricked into processing a specially crafted XML, the system could crash, leading to a denial of service. It was discovered that the Java audio subsystem did not correctly validate certain parameters. If a user were tricked into running an untrusted applet, a remote attacker could read system properties. Multiple flaws were discovered in the proxy subsystem. If a user were tricked into running an untrusted applet, a remote attacker could discover local user names, obtain access to sensitive information, or bypass socket restrictions, leading to a loss of privacy. Flaws were discovered in the handling of JPEG images, Unpack200 archives, and JDK13Services. If a user were tricked into running an untrusted applet, a remote attacker could load a specially crafted file that would bypass local file access protections and run arbitrary code with user privileges
Family: unix Class: patch
Reference(s): USN-814-1
CVE-2009-0217
CVE-2009-1896
CVE-2009-2475
CVE-2009-2690
CVE-2009-2476
CVE-2009-2625
CVE-2009-2670
CVE-2009-2671
CVE-2009-2672
CVE-2009-2673
CVE-2009-2674
CVE-2009-2675
CVE-2009-2676
CVE-2009-2689
Version: 5
Platform(s): Ubuntu 8.10
Ubuntu 9.04
Product(s): openjdk-6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13306
 
Oval ID: oval:org.mitre.oval:def:13306
Title: Ubuntu 8.10 is installed
Description: Ubuntu 8.10 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:ubuntu:ubuntu_linux:8.10
Version: 3
Platform(s): Ubuntu 8.10
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13836
Definition Id: oval:org.mitre.oval:def:12669
 
Oval ID: oval:org.mitre.oval:def:12669
Title: Ubuntu 9.04 is installed
Description: Ubuntu 9.04 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:canonical:ubuntu_linux:9.04
Version: 5
Platform(s): Ubuntu 9.04
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13836