USN-923-1: OpenJDK vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | March 31, 2010 | May 05, 2013 | July 03, 2017 |
Available Exploits 
Description
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!
References
- APPLE-APPLE-SA-2010-01-19-1
- APPLE-APPLE-SA-2010-05-18-1
- APPLE-APPLE-SA-2010-05-18-2
- BID-36935
- BID-39065
- BID-39069
- BID-39071
- BID-39078
- CERT-TA10-222A
- CERT-TA10-287A
- CERT-VN-120541
- CVE-2009-3555
- CVE-2010-0082
- CVE-2010-0084
- CVE-2010-0085
- CVE-2010-0088
- CVE-2010-0091
- CVE-2010-0092
- CVE-2010-0093
- CVE-2010-0094
- CVE-2010-0095
- CVE-2010-0837
- CVE-2010-0838
- CVE-2010-0840
- CVE-2010-0845
- CVE-2010-0847
- CVE-2010-0848
- DEBIAN-DSA-1934
- DEBIAN-DSA-2141
- DEBIAN-DSA-3253
- DISA_SEVERITY-Category I
- DISA_VMSKEY-V0027158
- IAVM-2011-A-0066
- MS-MS10-049
- OSVDB-60521
- OSVDB-60972
- OSVDB-62210
- OSVDB-63481
- OSVDB-63482
- OSVDB-63485
- OSVDB-65202
- OVAL-OVAL10057
- OVAL-OVAL10088
- OVAL-OVAL10392
- OVAL-OVAL10474
- OVAL-OVAL10482
- OVAL-OVAL10680
- OVAL-OVAL10851
- OVAL-OVAL11120
- OVAL-OVAL11173
- OVAL-OVAL11576
- OVAL-OVAL11578
- OVAL-OVAL11617
- OVAL-OVAL11621
- OVAL-OVAL13492
- OVAL-OVAL13803
- OVAL-OVAL13923
- OVAL-OVAL13934
- OVAL-OVAL13971
- OVAL-OVAL14061
- OVAL-OVAL14105
- OVAL-OVAL14210
- OVAL-OVAL14276
- OVAL-OVAL14288
- OVAL-OVAL14321
- OVAL-OVAL14350
- OVAL-OVAL14351
- OVAL-OVAL14453
- OVAL-OVAL14521
- OVAL-OVAL7315
- OVAL-OVAL7478
- OVAL-OVAL7973
- OVAL-OVAL8366
- OVAL-OVAL8535
- OVAL-OVAL9855
- OVAL-OVAL9877
- OVAL-OVAL9896
- OVAL-OVAL9899
- OVAL-OVAL9974
- REDHAT-RHSA-2010:0119
- REDHAT-RHSA-2010:0130
- REDHAT-RHSA-2010:0155
- REDHAT-RHSA-2010:0165
- REDHAT-RHSA-2010:0167
- REDHAT-RHSA-2010:0337
- REDHAT-RHSA-2010:0338
- REDHAT-RHSA-2010:0339
- REDHAT-RHSA-2010:0383
- REDHAT-RHSA-2010:0471
- REDHAT-RHSA-2010:0489
- REDHAT-RHSA-2010:0768
- REDHAT-RHSA-2010:0770
- REDHAT-RHSA-2010:0786
- REDHAT-RHSA-2010:0807
- REDHAT-RHSA-2010:0865
- REDHAT-RHSA-2010:0986
- REDHAT-RHSA-2010:0987
- REDHAT-RHSA-2011:0880
- SUSE-SUSE-SA:2009:057
- SUSE-SUSE-SA:2010:061
- USN-USN-923-1
- XF-54158
- XF-57346
Solution
ubuntu-upgrade-openjdk-6-jreRelated Vulnerabilities
- SUSE Linux Security Advisory: SUSE-SU-2014:1100-1
- Cent OS: CVE-2010-0848: CESA-2010:0339 (java-1.6.0-openjdk)
- VMSA-2011-0003: vCenter Server and ESX, Oracle (Sun) JRE is (CVE-2010-0088)
- RHSA-2010:0489: java-1.5.0-ibm security update
- USN-860-1: Apache vulnerabilities
- Sun Patch: NSS_NSPR_JSS 3.21: NSPR 4.11 / NSS 3.21 / JSS 4.3.2
- SUSE Linux Security Vulnerability: CVE-2010-0847
- AIX 6.1 - ssl_advisory : AIX_OpenSSL_session_renegotiation_vulnerability (APAR N/A)
- VMSA-2011-0003: vCenter Server and ESX, Oracle (Sun) JRE is (CVE-2010-0082)
- Sun Patch: NSS_NSPR_JSS 3.21 Solaris_x86: NSPR 4.11 / NSS 3.21 / JSS 4.3.2 Ma
- SUSE Linux Security Vulnerability: CVE-2010-0085
- Apple Java security update for CVE-2010-0084
- SUSE Linux Security Advisory: SUSE-SR:2010:019
- USN-927-4: nss vulnerability
- SUSE Linux Security Vulnerability: CVE-2010-0840
- ELSA-2012-0518 Important: Oracle Linux openssl security update
- RHSA-2010:0770: java-1.6.0-sun security update
- ELSA-2010-0165 Moderate: Enterprise Linux nss security update
- Apple Java security update for CVE-2010-0092
- SUSE Linux Security Vulnerability: CVE-2010-0838
- JRE Java TLS Renegotiation Vulnerability
- Java CPU March 2010 Java Runtime Environment vulnerability (CVE-2010-0093)
- RHSA-2010:0574: java-1.4.2-ibm security update
- AIX 5.1 - ssl_advisory : AIX_OpenSSL_session_renegotiation_vulnerability (APAR N/A)
- AIX OpenSSL session renegotiation vulnerability -AIX 5.1
- SUSE Linux Security Advisory: SUSE-SR:2010:011
- SUSE Linux Security Vulnerability: CVE-2010-0091
- AIX OpenSSL session renegotiation vulnerability -AIX 5.2
- RHSA-2010:0807: java-1.5.0-ibm security update
- Sun Patch: NSS_NSPR_JSS 3.21_x86: NSPR 4.11 / NSS 3.21 / JSS 4.3.2
- F5 Networks: K10737 (CVE-2009-3555): SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541
- Sun Patch: Sun GlassFish Enterprise Server 2.1.1 Patch16 (v2.1 patch22) (9.1_
- Sun Patch: StarOffice 8 (Solaris): Update 18
- HP Systems Insight Manager - HPSBMA02547 (CVE-2010-0840): HP-UX, Linux, and Windows, Remote Execution of Arbitrary Code and Other Vulnerabilities
- RHSA-2010:0865: java-1.6.0-openjdk security and bug fix update
- Java CPU March 2010 Java Runtime Environment vulnerability (CVE-2010-0840)
- Sun Patch: StarSuite 8 (Solaris): Update 18
- Sun Patch: StarSuite 8 (Solaris_x86): Update 18
- MFSA2010-22 SeaMonkey: Update NSS to support TLS renegotiation indication (CVE-2009-3555)
- RHSA-2010:0130: java-1.5.0-ibm security update
- Apple Java security update for CVE-2010-0838
- ELSA-2010-0163 Moderate: Enterprise Linux openssl security update
- USN-1010-1: OpenJDK vulnerabilities
- OpenSSL RFC5746 SSL/TLS renegotiation (CVE-2009-3555)
- SUSE Linux Security Advisory: SUSE-SR:2011:008
- VMSA-2011-0003: vCenter Server and ESX, Oracle (Sun) JRE is updated to version 1.6.0_21, vCenter Update Manager Oracle (Sun) JRE is updated to version 1.5.0_26 (CVE-2009-3555)
- HP Systems Insight Manager - HPSBMA02547 (CVE-2010-0838): HP-UX, Linux, and Windows, Remote Execution of Arbitrary Code and Other Vulnerabilities
- Java CPU October 2010 JSSE vulnerability (CVE-2009-3555)
- AIX 5.3 - ssl_advisory : AIX_OpenSSL_session_renegotiation_vulnerability (APAR N/A)
- USN-990-1: OpenSSL vulnerability
- Sun Patch: SunOS 5.10: Solaris kernel patch
- RHSA-2010:0440: rhev-hypervisor security and bug fix update
- Java CPU March 2010 Pack200 vulnerability (CVE-2010-0837)
- Cent OS: CVE-2010-0840: CESA-2010:0339 (java-1.6.0-openjdk)
- VMSA-2010-0015.1: Service Console update (CVE-2009-3555)
- RHSA-2010:0165: nss security update
- VMSA-2011-0003: vCenter Server and ESX, Oracle (Sun) JRE is (CVE-2010-0085)
- Apple Java security update for CVE-2010-0091
- SUSE Linux Security Advisory: SUSE-SR:2010:017
- Apple Java security update for CVE-2010-0088
- Java CPU March 2010 Java Runtime Environment vulnerability (CVE-2010-0085)
- SUSE Linux Security Vulnerability: CVE-2010-0092
- SUSE Linux Security Vulnerability: CVE-2010-0093
- RHSA-2010:0338: java-1.5.0-sun security update
- Sun Patch: NSS_NSPR_JSS 3.21 Solaris: NSPR 4.11 / NSS 3.21 / JSS 4.3.2 Mainte
- SUSE Linux Security Vulnerability: CVE-2010-0094
- Apple Java security update for CVE-2010-0848
- Java CPU March 2010 Java Runtime Environment vulnerability (CVE-2010-0092)
- Sun Patch: Web Server 6.1: Sun ONE Web Server 6.1 Patch WS61SP13
- ELSA-2010-0166 Moderate: Enterprise Linux gnutls security update
- SUSE Linux Security Vulnerability: CVE-2010-0848
- RHSA-2010:0471: Red Hat Network Satellite Server IBM Java Runtime security update
- Sun Patch: SunOS 5.10: Apache 2 Patch
- ELSA-2010-0164 Moderate: Enterprise Linux openssl097a security update
- Sun Patch: SunOS 5.10: ssh scp patch
- Cent OS: CVE-2010-0847: CESA-2010:0339 (java-1.6.0-openjdk)
- Java CPU March 2010 HotSpot Server vulnerability (CVE-2010-0082)
- Sun Patch: Sun Java System Web Proxy Server 4.0.17, Solaris (SVR4 patch): Mai
- RHSA-2010:0163: openssl security update
- Apple Java security update for CVE-2010-0094
- VMSA-2011-0003: vCenter Server and ESX, Oracle (Sun) JRE is (CVE-2010-0840)
- VMSA-2011-0003: vCenter Server and ESX, Oracle (Sun) JRE is (CVE-2010-0092)
- RHSA-2010:0339: java-1.6.0-openjdk security update
- Apple Java security update for CVE-2010-0837
- Sun Patch: Sun GlassFish Enterprise Server v2.1.1 Security Patch01, Solaris:
- Sun Patch: Oracle iPlanet Web Server 7.0.12 Solaris: Update Release patch
- RHSA-2010:0166: gnutls security update
- SUSE Linux Security Advisory: SUSE-SR:2010:013
- VMSA-2011-0003: vCenter Server and ESX, Oracle (Sun) JRE is (CVE-2010-0837)
- SUSE Linux Security Advisory: SUSE-SR:2009:019
- AIX 5.2 - ssl_advisory : AIX_OpenSSL_session_renegotiation_vulnerability (APAR N/A)
- USN-927-1: NSS vulnerability
- Oracle Database: Critical Patch Update - April 2011 (CVE-2009-3555)
- RHSA-2010:0768: java-1.6.0-openjdk security and bug fix update
- RHSA-2011:0880: Red Hat Network Satellite server IBM Java Runtime security update
- Apple Java security update for CVE-2010-0082
- Sun Patch: SunOS 5.10_x86: kernel patch
- MFSA2010-22 Firefox: Update NSS to support TLS renegotiation indication (CVE-2009-3555)
- VMSA-2011-0003: vCenter Server and ESX, Oracle (Sun) JRE is (CVE-2010-0838)
- DSA-2626-1 lighttpd -- several issues