Executive Summary

Summary
Title HP-UX Running Java, Remote Indirect Vulnerabilities
Informations
Name HPSBUX02825 SSRT100974 First vendor Publication 2012-10-23
Vendor HP Last vendor Modification 2012-10-23
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:N)
Cvss Base Score 0 Attack Range Network
Cvss Impact Score 0 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A potential security vulnerability has been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. This could allow remote unspecified indirect vulnerabilities.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03538957

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17793
 
Oval ID: oval:org.mitre.oval:def:17793
Title: USN-1553-1 -- openjdk-6 vulnerabilities
Description: Two security issues were fixed in OpenJDK 6.
Family: unix Class: patch
Reference(s): USN-1553-1
CVE-2012-1682
CVE-2012-0547
Version: 7
Platform(s): Ubuntu 12.04
Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04
Product(s): openjdk-6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19842
 
Oval ID: oval:org.mitre.oval:def:19842
Title: HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "toolkit internals references."
Family: unix Class: vulnerability
Reference(s): CVE-2012-0547
Version: 10
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 69
Application 130
Application 20
Application 20

OpenVAS Exploits

Date Description
2012-12-13 Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1175-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_1175_1.nasl
2012-10-09 Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:150-1 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2012_150_1.nasl
2012-09-21 Name : Java for Mac OS X 10.6 Update 10
File : nvt/gb_macosx_java_10_6_upd_10.nasl
2012-09-04 Name : CentOS Update for java CESA-2012:1221 centos6
File : nvt/gb_CESA-2012_1221_java_centos6.nasl
2012-09-04 Name : CentOS Update for java CESA-2012:1222 centos5
File : nvt/gb_CESA-2012_1222_java_centos5.nasl
2012-09-04 Name : CentOS Update for java CESA-2012:1223 centos6
File : nvt/gb_CESA-2012_1223_java_centos6.nasl
2012-09-04 Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1221-01
File : nvt/gb_RHSA-2012_1221-01_java-1.6.0-openjdk.nasl
2012-09-04 Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1222-01
File : nvt/gb_RHSA-2012_1222-01_java-1.6.0-openjdk.nasl
2012-09-04 Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1223-01
File : nvt/gb_RHSA-2012_1223-01_java-1.7.0-openjdk.nasl
2012-09-04 Name : Ubuntu Update for openjdk-6 USN-1553-1
File : nvt/gb_ubuntu_USN_1553_1.nasl
2012-09-03 Name : Oracle Java SE JRE AWT Component Unspecified Vulnerability - (Windows)
File : nvt/gb_oracle_java_se_jre_awt_comp_unspecified_vuln_win.nasl

Nessus® Vulnerability Scanner

Date Description
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO
2014-06-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-592.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-601.nasl - Type : ACT_GATHER_INFO
2014-01-27 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-30.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-119.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1222.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1223.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1221.nasl - Type : ACT_GATHER_INFO
2013-02-22 Name : The remote Unix host contains a programming platform that is affected by mult...
File : oracle_java7_update6_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22 Name : The remote host contains a runtime environment that contains methods that can...
File : oracle_java6_update35_unix.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-openjdk-120905.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_7_0-ibm-120919.nasl - Type : ACT_GATHER_INFO
2012-11-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1466.nasl - Type : ACT_GATHER_INFO
2012-10-31 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20121018_java_1_6_0_sun_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-10-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1392.nasl - Type : ACT_GATHER_INFO
2012-10-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-150.nasl - Type : ACT_GATHER_INFO
2012-09-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1289.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote host has a version of Java that contains methods that can aid in f...
File : macosx_java_2012-005.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote host has a version of Java that contains methods that can aid in f...
File : macosx_java_10_6_update10.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1223.nasl - Type : ACT_GATHER_INFO
2012-09-05 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120903_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-09-05 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120903_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-09-05 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120903_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-09-04 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1553-1.nasl - Type : ACT_GATHER_INFO
2012-09-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1223.nasl - Type : ACT_GATHER_INFO
2012-09-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1225.nasl - Type : ACT_GATHER_INFO
2012-09-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1222.nasl - Type : ACT_GATHER_INFO
2012-09-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1221.nasl - Type : ACT_GATHER_INFO
2012-09-04 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1222.nasl - Type : ACT_GATHER_INFO
2012-09-04 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1221.nasl - Type : ACT_GATHER_INFO
2012-08-31 Name : The remote host contains a runtime environment that contains methods that can...
File : oracle_java6_update35.nasl - Type : ACT_GATHER_INFO
2012-08-27 Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_java7_update6.nasl - Type : ACT_GATHER_INFO