oval:org.secpod.oval:def:73205
By default no deployment.config file exists; thus, no system-wide deployment.properties file exists. The file must be created. The deployment.config file is used for specifying the location and execution of system-level properties for the Java Runtime Environment. Without the deployment.config file, ...

oval:org.secpod.oval:def:73206
Certificates may be revoked due to improper issuance, compromise of the certificate, and failure to adhere to policy. Therefore, any certificate found revoked on a CRL or via Online Certificate Status Protocol (OCSP) should not be trusted. Permitting execution of an applet published with a revoked c ...

oval:org.secpod.oval:def:73203
By default no deployment.properties file exists; thus, no system-wide deployment exists. The file must be created. The deployment.properties file is used for specifying keys for the Java Runtime Environment. Each option in the Java control panel is represented by property keys. These keys adjust the ...

oval:org.secpod.oval:def:73204
The deployment.config configuration file contains two keys. The "deployment.properties" key includes the path of the "deployment.properties" file and the "deployment.properties.mandatory" key contains either a TRUE or FALSE value. If the path specified to "deployment.properties" does not lead to ...

oval:org.secpod.oval:def:73201
Java Web Start (JWS) applications are the most commonly used. Denying these applications could be detrimental to the user experience. Whitelisting, blacklisting, and signing of applications help mitigate the risk of running JWS applications.

oval:org.secpod.oval:def:73202
Applications that are signed with a valid certificate and include the permissions attribute in the manifest for the main JAR file are allowed to run with security prompts. All other applications are blocked. Unsigned applications could perform numerous types of attacks on a system.

oval:org.secpod.oval:def:73200
Java applets exist both signed and unsigned. Even for signed applets, there can be many sources, some of which may be purveyors of malware. Applet sources considered trusted can have their information populated into the browser, enabling Java to validate applets against trusted sources. Permitting e ...

oval:org.secpod.oval:def:73197
Decisions regarding the employment of mobile code within organizational information systems are based on the potential for the code to cause damage to the system if used maliciously. Mobile code is defined as software modules obtained from remote systems, transferred across a network, and then dow ...

oval:org.secpod.oval:def:73198
Online certificate validation provides a real-time option to validate a certificate. When enabled, if a certificate is presented, the status of the certificate is requested. The status is sent back as "current", "expired", or "unknown". Online certificate validation provides a greater degree of vali ...

oval:org.secpod.oval:def:73195
Utilizing a whitelist provides a configuration management method for allowing the execution of only authorized software. Using only authorized software decreases risk by limiting the number of potential vulnerabilities. The organization must identify authorized software programs and permit executio ...

oval:org.secpod.oval:def:73196
Utilizing a whitelist provides a configuration management method for allowing the execution of only authorized software. Using only authorized software decreases risk by limiting the number of potential vulnerabilities. The organization must identify authorized software programs and permit executio ...

oval:org.secpod.oval:def:73193
Mobile code can cause damage to the system. It can execute without explicit action from, or notification to, a user. Actions enforced before executing mobile code include, for example, prompting users prior to opening email attachments and disabling automatic execution. This requirement applies t ...

oval:org.secpod.oval:def:73194
A certificate revocation list is a directory which contains a list of certificates that have been revoked for various reasons. Certificates may be revoked due to improper issuance, compromise of the certificate, and failure to adhere to policy. Therefore, any certificate found on a CRL should not be ...

oval:org.secpod.oval:def:73191
Oracle JRE 8 is being continually updated by the vendor in order to address identified security vulnerabilities. Running an older version of the JRE can introduce security vulnerabilities to the system.

oval:org.secpod.oval:def:73192
Previous versions of software components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software automatically from the information system.

oval:org.secpod.oval:def:73199
Java applets exist both signed and unsigned. Even for signed applets, there can be many sources, some of which may be purveyors of malware. Applet sources considered trusted can have their information populated into the browser, enabling Java to validate applets against trusted sources. Permitting e ...