Rapid7 Vulnerability & Exploit Database

RHSA-2010:0339: java-1.6.0-openjdk security update

Back to Search

RHSA-2010:0339: java-1.6.0-openjdk security update



These packages provide the OpenJDK 6 Java Runtime Environment and theOpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE)contains the software and tools that users need to run applications writtenusing the Java programming language.A flaw was found in the way the TLS/SSL (Transport Layer Security/SecureSockets Layer) protocols handle session renegotiation. A man-in-the-middleattacker could use this flaw to prefix arbitrary plain text to a client'ssession (for example, an HTTPS connection to a website). This could forcethe server to process an attacker's request as if authenticated using thevictim's credentials. (CVE-2009-3555)This update disables renegotiation in the Java Secure Socket Extension(JSSE) component. Unsafe renegotiation can be re-enabled using thesun.security.ssl.allowUnsafeRenegotiation property. Refer to the followingKnowledgebase article for details:http://kbase.redhat.com/faq/docs/DOC-20491A number of flaws have been fixed in the Java Virtual Machine (JVM) and invarious Java class implementations. These flaws could allow an unsignedapplet or application to bypass intended access restrictions.(CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0094)An untrusted applet could access clipboard information if a drag operationwas performed over that applet's canvas. This could lead to an informationleak. (CVE-2010-0091)The rawIndex operation incorrectly handled large values, causing thecorruption of internal memory structures, resulting in an untrusted appletor application crashing. (CVE-2010-0092)The System.arraycopy operation incorrectly handled large index values,potentially causing array corruption in an untrusted applet or application.(CVE-2010-0093)Subclasses of InetAddress may incorrectly interpret network addresses,allowing an untrusted applet or application to bypass network accessrestrictions. (CVE-2010-0095)In certain cases, type assignments could result in "non-exact" interfacetypes. This could be used to bypass type-safety restrictions.(CVE-2010-0845)A buffer overflow flaw in LittleCMS (embedded in OpenJDK) could cause anuntrusted applet or application using color profiles from untrusted sourcesto crash. (CVE-2010-0838)An input validation flaw was found in the JRE unpack200 functionality. Anuntrusted applet or application could use this flaw to elevate itsprivileges. (CVE-2010-0837)Deferred calls to trusted applet methods could be granted incorrectpermissions, allowing an untrusted applet or application to extend itsprivileges. (CVE-2010-0840)A missing input validation flaw in the JRE could allow an attacker to crashan untrusted applet or application. (CVE-2010-0848)A flaw in Java2D could allow an attacker to execute arbitrary code with theprivileges of a user running an untrusted applet or application that usesJava2D. (CVE-2010-0847)Note: The flaws concerning applets in this advisory, CVE-2010-0082,CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092,CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838,CVE-2010-0840, CVE-2010-0847, and CVE-2010-0848, can only be triggered injava-1.6.0-openjdk by calling the "appletviewer" application.This update also provides three defense in depth patches. (BZ#575745,BZ#575861, BZ#575789)All users of java-1.6.0-openjdk are advised to upgrade to these updatedpackages, which resolve these issues. All running instances of OpenJDK Javamust be restarted for the update to take effect.


  • redhat-upgrade-java-1-6-0-openjdk
  • redhat-upgrade-java-1-6-0-openjdk-demo
  • redhat-upgrade-java-1-6-0-openjdk-devel
  • redhat-upgrade-java-1-6-0-openjdk-javadoc
  • redhat-upgrade-java-1-6-0-openjdk-src

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center