Rapid7 Vulnerability & Exploit Database

RHSA-2009:1201: java-1.6.0-openjdk security and bug fix update

Back to Search

RHSA-2009:1201: java-1.6.0-openjdk security and bug fix update

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
08/10/2009
Created
07/25/2018
Added
09/12/2009
Modified
07/04/2017

Description

These packages provide the OpenJDK 6 Java Runtime Environment and theOpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE)contains the software and tools that users need to run applications writtenusing the Java programming language.A flaw was found in the way the XML Digital Signature implementation in theJRE handled HMAC-based XML signatures. An attacker could use this flaw tocreate a crafted signature that could allow them to bypass authentication,or trick a user, applet, or application into accepting untrusted content.(CVE-2009-0217)Several potential information leaks were found in various mutable staticvariables. These could be exploited in application scenarios that executeuntrusted scripting code. (CVE-2009-2475)It was discovered that OpenType checks can be bypassed. This could allow arogue application to bypass access restrictions by acquiring references toprivileged objects through finalizer resurrection. (CVE-2009-2476)A denial of service flaw was found in the way the JRE processes XML. Aremote attacker could use this flaw to supply crafted XML that would leadto a denial of service. (CVE-2009-2625)A flaw was found in the JRE audio system. An untrusted applet orapplication could use this flaw to gain read access to restricted Systemproperties. (CVE-2009-2670)Two flaws were found in the JRE proxy implementation. An untrusted appletor application could use these flaws to discover the usernames of usersrunning applets and applications, or obtain web browser cookies and usethem for session hijacking attacks. (CVE-2009-2671, CVE-2009-2672)An additional flaw was found in the proxy mechanism implementation. Thisflaw allowed an untrusted applet or application to bypass accessrestrictions and communicate using non-authorized socket or URL connectionsto hosts other than the origin host. (CVE-2009-2673) An integer overflow flaw was found in the way the JRE processes JPEGimages. An untrusted application could use this flaw to extend itsprivileges, allowing it to read and write local files, as well as toexecute local applications with the privileges of the user running theapplication. (CVE-2009-2674)An integer overflow flaw was found in the JRE unpack200 functionality. Anuntrusted applet or application could extend its privileges, allowing it toread and write local files, as well as to execute local applications withthe privileges of the user running the applet or application. (CVE-2009-2675)It was discovered that JDK13Services grants unnecessary privileges tocertain object types. This could be misused by an untrusted applet orapplication to use otherwise restricted functionality. (CVE-2009-2689)An information disclosure flaw was found in the way private Java variableswere handled. An untrusted applet or application could use this flaw toobtain information from variables that would otherwise be private.(CVE-2009-2690)Note: The flaws concerning applets in this advisory, CVE-2009-2475,CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675,CVE-2009-2689, and CVE-2009-2690, can only be triggered injava-1.6.0-openjdk by calling the "appletviewer" application.This update also fixes the following bug:All users of java-1.6.0-openjdk are advised to upgrade to these updatedpackages, which resolve these issues. All running instances of OpenJDK Javamust be restarted for the update to take effect.

Solution(s)

  • redhat-upgrade-java-1-6-0-openjdk
  • redhat-upgrade-java-1-6-0-openjdk-demo
  • redhat-upgrade-java-1-6-0-openjdk-devel
  • redhat-upgrade-java-1-6-0-openjdk-javadoc
  • redhat-upgrade-java-1-6-0-openjdk-src

References

  • redhat-upgrade-java-1-6-0-openjdk
  • redhat-upgrade-java-1-6-0-openjdk-demo
  • redhat-upgrade-java-1-6-0-openjdk-devel
  • redhat-upgrade-java-1-6-0-openjdk-javadoc
  • redhat-upgrade-java-1-6-0-openjdk-src

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;