Rapid7 Vulnerability & Exploit Database

Oracle Linux: CVE-2016-5542: ELSA-2017-0061: java-1.6.0-openjdk security update (IMPORTANT) (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

Oracle Linux: CVE-2016-5542: ELSA-2017-0061: java-1.6.0-openjdk security update (IMPORTANT) (Multiple Advisories)

Severity

CVSS

(AV:N/AC:H/Au:N/C:N/I:P/A:N)

Published

10/18/2016

Created

07/25/2018

Added

10/25/2016

Modified

07/22/2024

Description

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries. It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm.

Solution(s)

oracle-linux-upgrade-java-1-6-0-openjdk
oracle-linux-upgrade-java-1-6-0-openjdk-demo
oracle-linux-upgrade-java-1-6-0-openjdk-devel
oracle-linux-upgrade-java-1-6-0-openjdk-javadoc
oracle-linux-upgrade-java-1-6-0-openjdk-src
oracle-linux-upgrade-java-1-7-0-openjdk
oracle-linux-upgrade-java-1-7-0-openjdk-accessibility
oracle-linux-upgrade-java-1-7-0-openjdk-demo
oracle-linux-upgrade-java-1-7-0-openjdk-devel
oracle-linux-upgrade-java-1-7-0-openjdk-headless
oracle-linux-upgrade-java-1-7-0-openjdk-javadoc
oracle-linux-upgrade-java-1-7-0-openjdk-src
oracle-linux-upgrade-java-1-8-0-openjdk
oracle-linux-upgrade-java-1-8-0-openjdk-accessibility
oracle-linux-upgrade-java-1-8-0-openjdk-accessibility-debug
oracle-linux-upgrade-java-1-8-0-openjdk-debug
oracle-linux-upgrade-java-1-8-0-openjdk-demo
oracle-linux-upgrade-java-1-8-0-openjdk-demo-debug
oracle-linux-upgrade-java-1-8-0-openjdk-devel
oracle-linux-upgrade-java-1-8-0-openjdk-devel-debug
oracle-linux-upgrade-java-1-8-0-openjdk-headless
oracle-linux-upgrade-java-1-8-0-openjdk-headless-debug
oracle-linux-upgrade-java-1-8-0-openjdk-javadoc
oracle-linux-upgrade-java-1-8-0-openjdk-javadoc-debug
oracle-linux-upgrade-java-1-8-0-openjdk-src
oracle-linux-upgrade-java-1-8-0-openjdk-src-debug

References

https://attackerkb.com/topics/cve-2016-5542
CVE - 2016-5542
ELSA-2017-0061
ELSA-2016-2658
ELSA-2016-2079

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Oracle Linux: CVE-2016-5542: ELSA-2017-0061: java-1.6.0-openjdk security update (IMPORTANT) (Multiple Advisories)

Oracle Linux: CVE-2016-5542: ELSA-2017-0061: java-1.6.0-openjdk security update (IMPORTANT) (Multiple Advisories)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.