Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.58068
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2007-8 (Java)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to Java
announced via advisory TLSA-2007-8.

java-1.x.x-sun contains the Java Runtime Environment.
This package contains additional script and configuration files for
JDK version 1.*.* distributed by Sun Microsystems, Inc.

The heap overbuffer vulnerability exists in java.

This vulnerability may allow remote attackers to execute arbitrary
code via malformed GIF image files.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2007-8

Risk factor : High

CVSS Score:
6.8

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-0243
http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
http://dev2dev.bea.com/pub/advisory/242
BugTraq ID: 22085
http://www.securityfocus.com/bid/22085
Bugtraq: 20070117 ZDI-07-005: Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/457159/100/0/threaded
Bugtraq: 20070121 Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability Prove Of Concept Exploit (Google Search)
http://www.securityfocus.com/archive/1/457638/100/0/threaded
Cert/CC Advisory: TA07-022A
http://www.us-cert.gov/cas/techalerts/TA07-022A.html
CERT/CC vulnerability note: VU#388289
http://www.kb.cert.org/vuls/id/388289
http://www.gentoo.org/security/en/glsa/glsa-200702-07.xml
http://security.gentoo.org/glsa/glsa-200702-08.xml
HPdes Security Advisory: HPSBUX02196
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00876579
HPdes Security Advisory: SSRT071318
http://docs.info.apple.com/article.html?artnum=307177
http://www.zerodayinitiative.com/advisories/ZDI-07-005.html
http://osvdb.org/32834
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11073
http://www.redhat.com/support/errata/RHSA-2007-0166.html
http://www.redhat.com/support/errata/RHSA-2007-0167.html
http://www.redhat.com/support/errata/RHSA-2007-0956.html
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://securitytracker.com/id?1017520
http://secunia.com/advisories/23757
http://secunia.com/advisories/24189
http://secunia.com/advisories/24202
http://secunia.com/advisories/24468
http://secunia.com/advisories/24993
http://secunia.com/advisories/25283
http://secunia.com/advisories/26049
http://secunia.com/advisories/26119
http://secunia.com/advisories/26645
http://secunia.com/advisories/27203
http://secunia.com/advisories/28115
http://securityreason.com/securityalert/2158
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1
SuSE Security Announcement: SUSE-SA:2007:045 (Google Search)
http://www.novell.com/linux/security/advisories/2007_45_java.html
http://www.vupen.com/english/advisories/2007/0211
http://www.vupen.com/english/advisories/2007/0936
http://www.vupen.com/english/advisories/2007/1814
http://www.vupen.com/english/advisories/2007/4224
XForce ISS Database: jre-gif-bo(31537)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31537
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.