[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96078

 
 

909

 
 

78009

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1769-1 openjdk-6 -- several

ID: oval:org.secpod.oval:def:600416Date: (C)2011-05-13   (M)2017-10-12
Class: PATCHFamily: unix




Several vulnerabilities have been identified in OpenJDK, an implementation of the Java SE platform. Creation of large, temporary fonts could use up available disk space, leading to a denial of service condition . Several vulnerabilities existed in the embedded LittleCMS library, exploitable through crafted images: a memory leak, resulting in a denial of service condition , heap-based buffer overflows, potentially allowing arbitrary code execution , and a null-pointer dereference, leading to denial of service . The LDAP server implementation did not properly close sockets if an error was encountered, leading to a denial-of-service condition . The LDAP client implementation allowed malicious LDAP servers to execute arbitrary code on the client . The HTTP server implementation contained an unspecified denial of service vulnerability . Several issues in Java Web Start have been addressed . The Debian packages currently do not support Java Web Start, so these issues are not directly exploitable, but the relevant code has been updated nevertheless. For the stable distribution , these problems have been fixed in version 9.1+lenny2. We recommend that you upgrade your openjdk-6 packages.

Platform:
Debian 5.0
Product:
openjdk-6
Reference:
DSA-1769-1
CVE-2006-2426
CVE-2009-0581
CVE-2009-0723
CVE-2009-0733
CVE-2009-0793
CVE-2009-1093
CVE-2009-1094
CVE-2009-1095
CVE-2009-1096
CVE-2009-1097
CVE-2009-1098
CVE-2009-1101
CVE    12
CVE-2009-0581
CVE-2009-0723
CVE-2009-0733
CVE-2009-0793
...

© 2013 SecPod Technologies