oval:org.mitre.oval:def:13043

Definition Id: oval:org.mitre.oval:def:13043
 
Oval ID: oval:org.mitre.oval:def:13043
Title: DSA-2224-1 openjdk-6 -- several
Description: Several security vulnerabilities were discovered in OpenJDK, an implementation of the Java platform. CVE-2010-4351 The JNLP SecurityManager returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader. CVE-2010-4448 Malicious applets can perform DNS cache poisoning. CVE-2010-4450 An empty LD_LIBRARY_PATH environment variable results in a misconstructed library search path, resulting in code execution from possibly untrusted sources. CVE-2010-4465 Malicious applets can extend their privileges by abusing Swing timers. CVE-2010-4469 The Hotspot just-in-time compiler miscompiles crafted byte sequences, resulting in heap corruption. CVE-2010-4470 JAXP can be exploited by untrusted code to elevate privileges. CVE-2010-4471 Java2D can be exploited by untrusted code to elevate privileges. CVE-2010-4472 Untrusted code can replace the XML DSIG implementation. CVE-2011-0025 Signatures on JAR files are not properly verified, which allows remote attackers to trick users into executing code that appears to come from a trusted source. CVE-2011-0706 The JNLPClassLoader class allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descriptor In addition, this security update contains stability fixes, such as switching to the recommended Hotspot version for this particular version of OpenJDK.
Family: unix Class: patch
Reference(s): DSA-2224-1
CVE-2010-4351
CVE-2010-4448
CVE-2010-4450
CVE-2010-4465
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2011-0025
CVE-2011-0706
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): openjdk-6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6513
 
Oval ID: oval:org.mitre.oval:def:6513
Title: Debian GNU/Linux 5.0 is installed
Description: Debian GNU/Linux 5.0 (lenny) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux:5.0
Version: 7
Platform(s): Debian GNU/Linux 5.0
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13043
Definition Id: oval:org.mitre.oval:def:12959
 
Oval ID: oval:org.mitre.oval:def:12959
Title: Debian 6.0 is installed
Description: Debian 6.0 (squeeze) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian:6.0
Version: 6
Platform(s): Debian 6.0
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13043
Definition Id: oval:org.mitre.oval:def:24894
 
Oval ID: oval:org.mitre.oval:def:24894
Title: Debian GNU/Linux is installed
Description: Debian GNU/Linux is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux
Version: 3
Platform(s): Debian GNU/Linux
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13043
Definition Id: oval:org.mitre.oval:def:24698
 
Oval ID: oval:org.mitre.oval:def:24698
Title: Debian GNU/kFreeBSD is installed
Description: Debian GNU/kFreeBSD is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/kfreebsd
Version: 3
Platform(s): Debian GNU/kFreeBSD
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13043