RHSA-2009:1571: java-1.5.0-sun security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | November 05, 2009 | November 12, 2009 | July 04, 2017 |
Available Exploits 
Description
The Sun 1.5.0 Java release includes the Sun Java 5 Runtime Environment andthe Sun Java 5 Software Development Kit.This update fixes several vulnerabilities in the Sun Java 5 RuntimeEnvironment and the Sun Java 5 Software Development Kit. Thesevulnerabilities are summarized on the "Advance notification of SecurityUpdates for Java SE" page from Sun Microsystems, listed in the Referencessection. (CVE-2009-2409, CVE-2009-3728, CVE-2009-3873, CVE-2009-3876,CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882,CVE-2009-3883, CVE-2009-3884)Note: This is the final update for the java-1.5.0-sun packages, as the SunJava SE Release family 5.0 has now reached End of Service Life. The nextupdate will remove the java-1.5.0-sun packages.An alternative to Sun Java SE 5.0 is the Java 2 Technology Edition of theIBM Developer Kit for Linux, which is available from the Extras andSupplementary channels on the Red Hat Network. For users of applicationsthat are capable of using the Java 6 runtime, the OpenJDK open source JDKis included in Red Hat Enterprise Linux 5 (since 5.3) and is supported byRed Hat.Users of java-1.5.0-sun should upgrade to these updated packages, whichcorrect these issues. All running instances of Sun Java must be restartedfor the update to take effect.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!
References
- APPLE-APPLE-SA-2009-11-09-1
- APPLE-APPLE-SA-2009-12-03-1
- APPLE-APPLE-SA-2009-12-03-2
- BID-36881
- CVE-2009-2409
- CVE-2009-3728
- CVE-2009-3867
- CVE-2009-3868
- CVE-2009-3869
- CVE-2009-3871
- CVE-2009-3873
- CVE-2009-3874
- CVE-2009-3875
- CVE-2009-3876
- CVE-2009-3877
- CVE-2009-3879
- CVE-2009-3880
- CVE-2009-3881
- CVE-2009-3882
- CVE-2009-3883
- CVE-2009-3884
- DEBIAN-DSA-1874
- DEBIAN-DSA-1888
- OVAL-OVAL10191
- OVAL-OVAL10328
- OVAL-OVAL10469
- OVAL-OVAL10520
- OVAL-OVAL10741
- OVAL-OVAL10761
- OVAL-OVAL10763
- OVAL-OVAL11262
- OVAL-OVAL11484
- OVAL-OVAL11566
- OVAL-OVAL11686
- OVAL-OVAL11746
- OVAL-OVAL11834
- OVAL-OVAL11847
- OVAL-OVAL11903
- OVAL-OVAL11934
- OVAL-OVAL12057
- OVAL-OVAL12112
- OVAL-OVAL12134
- OVAL-OVAL12232
- OVAL-OVAL6631
- OVAL-OVAL6657
- OVAL-OVAL6698
- OVAL-OVAL6746
- OVAL-OVAL6786
- OVAL-OVAL6805
- OVAL-OVAL6906
- OVAL-OVAL6960
- OVAL-OVAL6968
- OVAL-OVAL6970
- OVAL-OVAL7148
- OVAL-OVAL7155
- OVAL-OVAL7300
- OVAL-OVAL7316
- OVAL-OVAL7400
- OVAL-OVAL7442
- OVAL-OVAL7545
- OVAL-OVAL7549
- OVAL-OVAL7750
- OVAL-OVAL7913
- OVAL-OVAL8275
- OVAL-OVAL8330
- OVAL-OVAL8396
- OVAL-OVAL8566
- OVAL-OVAL8594
- OVAL-OVAL8603
- OVAL-OVAL8608
- OVAL-OVAL8622
- OVAL-OVAL8841
- OVAL-OVAL9360
- OVAL-OVAL9568
- OVAL-OVAL9602
- REDHAT-RHSA-2009:1207
- REDHAT-RHSA-2009:1432
- REDHAT-RHSA-2009:1571
- REDHAT-RHSA-2009:1694
- REDHAT-RHSA-2010:0095
- SUSE-SUSE-SA:2009:058
Solution
redhat-upgrade-java-1-5-0-sunRelated Vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2009-3883
- Apple Java security update for CVE-2009-3872
- Gentoo Linux: CVE-2009-3869: Sun JDK/JRE: Multiple vulnerabilities
- JRE Deployment Toolkit Vulnerability
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3871)
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3867)
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3882)
- JRE DER Decoding Denial of Service
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3871)
- RHSA-2009:1184: nspr and nss security and bug fix update
- USN-830-1: OpenSSL vulnerability
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3866)
- SUSE Linux Security Vulnerability: CVE-2009-3868
- JRE Non-English Update Flaw
- HP-UX: CVE-2009-3877: Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- Cent OS: CVE-2009-3869: CESA-2009:1584 (java-1.6.0-openjdk)
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3728)
- JRE Audio and Image File Buffer and Integer Overflow Vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2009-3876
- Gentoo Linux: CVE-2009-3871: Sun JDK/JRE: Multiple vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2009-3881
- ELSA-2010-0163 Moderate: Enterprise Linux openssl security update
- USN-809-1: GnuTLS vulnerabilities
- USN-810-1: NSS vulnerabilities
- HP-UX: CVE-2009-3872: Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3865)
- Apple Java security update for CVE-2009-3865
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3876)
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3874)
- Apple Java security update for CVE-2009-3884
- RHSA-2009:1584: java-1.6.0-openjdk security update
- Gentoo Linux: CVE-2009-3882: Sun JDK/JRE: Multiple vulnerabilities
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3879)
- Apple Java security update for CVE-2009-3875
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3868)
- Gentoo Linux: CVE-2009-3884: Sun JDK/JRE: Multiple vulnerabilities
- Apple Java security update for CVE-2009-3877
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3873)
- HP-UX: CVE-2009-3874: Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2009-3874
- HP-UX: CVE-2009-3871: Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3875)
- Gentoo Linux: CVE-2009-3868: Sun JDK/JRE: Multiple vulnerabilities
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3869)
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3867)
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3864)
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3877)
- SUSE Linux Security Vulnerability: CVE-2009-3865
- HP-UX: CVE-2009-3867: Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- Cent OS: CVE-2009-3873: CESA-2009:1584 (java-1.6.0-openjdk)
- Apple Java security update for CVE-2009-3871
- ELSA-2010-0054 Moderate: Enterprise Linux openssl security update
- SUSE Linux Security Vulnerability: CVE-2009-3875
- SUSE Linux Security Vulnerability: CVE-2009-3882
- Gentoo Linux: CVE-2009-3867: Sun JDK/JRE: Multiple vulnerabilities
- ELSA-2010-0166 Moderate: Enterprise Linux gnutls security update
- HP-UX: CVE-2009-3876: Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- Gentoo Linux: CVE-2009-3883: Sun JDK/JRE: Multiple vulnerabilities
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3868)
- Gentoo Linux: CVE-2009-3879: Sun JDK/JRE: Multiple vulnerabilities
- RHSA-2010:0163: openssl security update
- RHSA-2009:1207: nspr and nss security update
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3880)
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3875)
- Gentoo Linux: CVE-2009-3874: Sun JDK/JRE: Multiple vulnerabilities
- RHSA-2010:0166: gnutls security update
- Cent OS: CVE-2009-3875: CESA-2009:1584 (java-1.6.0-openjdk)
- HP-UX: CVE-2009-3873: Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3866)
- HP-UX: CVE-2009-3875: Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- Cent OS: CVE-2009-3874: CESA-2009:1584 (java-1.6.0-openjdk)
- SUSE Linux Security Vulnerability: CVE-2009-3877
- Gentoo Linux: CVE-2009-3881: Sun JDK/JRE: Multiple vulnerabilities
- Gentoo Linux: CVE-2009-3875: Sun JDK/JRE: Multiple vulnerabilities
- RHSA-2009:1694: java-1.6.0-ibm security update
- SUSE Linux Security Vulnerability: CVE-2009-3884
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3872)
- RHSA-2009:1560: java-1.6.0-sun security update
- Sun Patch: SunOS 5.10_x86: openssl patch
- SUSE Linux Security Vulnerability: CVE-2009-3728
- Gentoo Linux: CVE-2009-3880: Sun JDK/JRE: Multiple vulnerabilities
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3883)
- Cent OS: CVE-2009-3871: CESA-2009:1584 (java-1.6.0-openjdk)
- SUSE Linux Security Vulnerability: CVE-2009-3871
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3872)
- Apple Java security update for CVE-2009-3728
- VMSA-2010-0015.1: Service Console update (CVE-2009-2409)
- HP-UX: CVE-2009-3868: Running Java, Remote Increase in Privilege, Denial of Service and Other Vulnerabilities
- RHSA-2009:1647: java-1.5.0-ibm security update
- VMSA-2010-0005: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3873)
- Gentoo Linux: CVE-2009-3728: Sun JDK/JRE: Multiple vulnerabilities
- JRE Timing Attack
- SUSE Linux Security Vulnerability: CVE-2009-3873
- Apple Java security update for CVE-2009-3873
- JRE Multiple Overflows
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3884)
- Gentoo Linux: CVE-2009-3866: Sun JDK/JRE: Multiple vulnerabilities
- VMSA-2010-0002.4: WebAccess Context Data Cross-site Scripting Vulnerability (CVE-2009-3869)
- RHSA-2009:1190: nspr and nss security and bug fix update
- RHSA-2010:0054: openssl security update