Download
| Alert*
oval:org.secpod.oval:def:19737
The host is installed with Oracle Java SE 5.0 before update 22 or 6 before update 17 and is prone to unspecified vulnerability. A flaw is present in the applications, which does not properly handle vectors related to handling of zoneinfo (aka tz) files. Successful exploitation allows remote attacker ... oval:org.secpod.oval:def:301167 Multiple Java OpenJDK security vulnerabilities has been identified and fixed: - TLS: MITM attacks via session renegotiation . - Loader-constraint table allows arrays instead of only the b ase-classes . - Policy/PolicyFile leak dynamic ProtectionDomains. - File TOCTOU deserialization vulnerability . ... oval:org.secpod.oval:def:500496 These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment contains the software and tools that users need to run applications written using the Java programming language. An integer overflow flaw and buffer overflow flaws ... oval:org.secpod.oval:def:101974 The OpenJDK runtime environment. oval:org.secpod.oval:def:102200 The OpenJDK runtime environment. oval:org.secpod.oval:def:103311 The OpenJDK runtime environment. oval:org.secpod.oval:def:202085 These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment contains the software and tools that users need to run applications written using the Java programming language. An integer overflow flaw and buffer overflow flaws ... oval:org.secpod.oval:def:201993 These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment contains the software and tools that users need to run applications written using the Java programming language. An integer overflow flaw and buffer overflow flaws ... oval:org.secpod.oval:def:700477 Dan Kaminsky discovered that SSL certificates signed with MD2 could be spoofed given enough time. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation in Op ... |