Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:0789-1

Опубликовано: 23 апр. 2015
Источник: suse-cvrf

Описание

Security update for java-1_7_0-openjdk, java-1_7_0-openjdk-bootstrap

OpenJDK was updated to 2.5.5 - OpenJdk 7u79 to fix security issues and bugs:

The following vulnerabilities were fixed:

  • CVE-2015-0458: Deployment: unauthenticated remote attackers could execute arbitrary code via multiple protocols.
  • CVE-2015-0459: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols.
  • CVE-2015-0460: Hotspot: unauthenticated remote attackers could execute arbitrary code via multiple protocols.
  • CVE-2015-0469: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols.
  • CVE-2015-0477: Beans: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols
  • CVE-2015-0478: JCE: unauthenticated remote attackers could read some JAVA accessible data via multiple protocols
  • CVE-2015-0480: Tools: unauthenticated remote attackers could update, insert or delete some JAVA accessible data via multiple protocols and cause a partial denial of service (partial DOS)
  • CVE-2015-0484: JavaFX: unauthenticated remote attackers could read, update, insert or delete access some Java accessible data via multiple protocols and cause a partial denial of service (partial DOS).
  • CVE-2015-0488: JSSE: unauthenticated remote attackers could cause a partial denial of service (partial DOS).
  • CVE-2015-0491: 2D: unauthenticated remote attackers could execute arbitrary code via multiple protocols.
  • CVE-2015-0492: JavaFX: unauthenticated remote attackers could execute arbitrary code via multiple protocols.

Список пакетов

SUSE Linux Enterprise Desktop 12
java-1_7_0-openjdk-1.7.0.79-15.1
java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12
java-1_7_0-openjdk-1.7.0.79-15.1
java-1_7_0-openjdk-demo-1.7.0.79-15.1
java-1_7_0-openjdk-devel-1.7.0.79-15.1
java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server for SAP Applications 12
java-1_7_0-openjdk-1.7.0.79-15.1
java-1_7_0-openjdk-demo-1.7.0.79-15.1
java-1_7_0-openjdk-devel-1.7.0.79-15.1
java-1_7_0-openjdk-headless-1.7.0.79-15.1

Ссылки

Описание

Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки

Описание

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки

Описание

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки

Описание

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки

Описание

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки

Описание

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки

Описание

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки

Описание

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки

Описание

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки

Описание

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки

Описание

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Desktop 12:java-1_7_0-openjdk-headless-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-1.7.0.79-15.1
SUSE Linux Enterprise Server 12:java-1_7_0-openjdk-demo-1.7.0.79-15.1
Ссылки
Уязвимость SUSE-SU-2015:0789-1