oval:org.mitre.oval:def:13408
Definition Id: oval:org.mitre.oval:def:13408 | |||
Oval ID: | oval:org.mitre.oval:def:13408 | ||
Title: | USN-713-1 -- openjdk-6 vulnerabilities | ||
Description: | It was discovered that Java did not correctly handle untrusted applets. If a user were tricked into running a malicious applet, a remote attacker could gain user privileges, or list directory contents. It was discovered that Kerberos authentication and RSA public key processing were not correctly handled in Java. A remote attacker could exploit these flaws to cause a denial of service. It was discovered that Java accepted UTF-8 encodings that might be handled incorrectly by certain applications. A remote attacker could bypass string filters, possible leading to other exploits. Overflows were discovered in Java JAR processing. If a user or automated system were tricked into processing a malicious JAR file, a remote attacker could crash the application, leading to a denial of service. It was discovered that Java calendar objects were not unserialized safely. If a user or automated system were tricked into processing a specially crafted calendar object, a remote attacker could execute arbitrary code with user privileges. It was discovered that the Java image handling code could lead to memory corruption. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could crash the application, leading to a denial of service. It was discovered that temporary files created by Java had predictable names. If a user or automated system were tricked into processing a specially crafted JAR file, a remote attacker could overwrite sensitive information | ||
Family: | unix | Class: | patch |
Reference(s): | USN-713-1 CVE-2008-5347 CVE-2008-5350 CVE-2008-5348 CVE-2008-5349 CVE-2008-5351 CVE-2008-5352 CVE-2008-5354 CVE-2008-5353 CVE-2008-5358 CVE-2008-5359 CVE-2008-5360 | Version: | 5 |
Platform(s): | Ubuntu 8.10 | Product(s): | openjdk-6 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13306 | |||
Oval ID: | oval:org.mitre.oval:def:13306 | ||
Title: | Ubuntu 8.10 is installed | ||
Description: | Ubuntu 8.10 is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:ubuntu:ubuntu_linux:8.10 | Version: | 3 |
Platform(s): | Ubuntu 8.10 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:13408 |