rhsa-2015_0807
Vulnerability from csaf_redhat
Published
2015-04-14 20:18
Modified
2024-11-05 18:50
Summary
Red Hat Security Advisory: java-1.7.0-openjdk security update
Notes
Topic
Updated java-1.7.0-openjdk packages that fix multiple security issues are
now available for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime
Environment and the OpenJDK 7 Java Software Development Kit.
An off-by-one flaw, leading to a buffer overflow, was found in the font
parsing code in the 2D component in OpenJDK. A specially crafted font file
could possibly cause the Java Virtual Machine to execute arbitrary code,
allowing an untrusted Java application or applet to bypass Java sandbox
restrictions. (CVE-2015-0469)
A flaw was found in the way the Hotspot component in OpenJDK handled
phantom references. An untrusted Java application or applet could use this
flaw to corrupt the Java Virtual Machine memory and, possibly, execute
arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460)
A flaw was found in the way the JSSE component in OpenJDK parsed X.509
certificate options. A specially crafted certificate could cause JSSE to
raise an exception, possibly causing an application using JSSE to exit
unexpectedly. (CVE-2015-0488)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java
application or applet could use this flaw to bypass certain Java sandbox
restrictions. (CVE-2015-0477)
A directory traversal flaw was found in the way the jar tool extracted JAR
archive files. A specially crafted JAR archive could cause jar to overwrite
arbitrary files writable by the user running jar when the archive was
extracted. (CVE-2005-1080, CVE-2015-0480)
It was found that the RSA implementation in the JCE component in OpenJDK
did not follow recommended practices for implementing RSA signatures.
(CVE-2015-0478)
The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat
Product Security.
All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.7.0-openjdk packages that fix multiple security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nAn off-by-one flaw, leading to a buffer overflow, was found in the font\nparsing code in the 2D component in OpenJDK. A specially crafted font file\ncould possibly cause the Java Virtual Machine to execute arbitrary code,\nallowing an untrusted Java application or applet to bypass Java sandbox\nrestrictions. (CVE-2015-0469)\n\nA flaw was found in the way the Hotspot component in OpenJDK handled\nphantom references. An untrusted Java application or applet could use this\nflaw to corrupt the Java Virtual Machine memory and, possibly, execute\narbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460)\n\nA flaw was found in the way the JSSE component in OpenJDK parsed X.509\ncertificate options. A specially crafted certificate could cause JSSE to\nraise an exception, possibly causing an application using JSSE to exit\nunexpectedly. (CVE-2015-0488)\n\nA flaw was discovered in the Beans component in OpenJDK. An untrusted Java\napplication or applet could use this flaw to bypass certain Java sandbox\nrestrictions. (CVE-2015-0477)\n\nA directory traversal flaw was found in the way the jar tool extracted JAR\narchive files. A specially crafted JAR archive could cause jar to overwrite\narbitrary files writable by the user running jar when the archive was\nextracted. (CVE-2005-1080, CVE-2015-0480)\n\nIt was found that the RSA implementation in the JCE component in OpenJDK\ndid not follow recommended practices for implementing RSA signatures.\n(CVE-2015-0478)\n\nThe CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat\nProduct Security.\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2015:0807", "url": "https://access.redhat.com/errata/RHSA-2015:0807" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "606442", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=606442" }, { "category": "external", "summary": "1210355", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210355" }, { "category": "external", "summary": "1210829", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210829" }, { "category": "external", "summary": "1211285", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211285" }, { "category": "external", "summary": "1211299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211299" }, { "category": "external", "summary": "1211504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211504" }, { "category": "external", "summary": "1211543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211543" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0807.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-openjdk security update", "tracking": { "current_release_date": "2024-11-05T18:50:56+00:00", "generator": { "date": "2024-11-05T18:50:56+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2015:0807", "initial_release_date": "2015-04-14T20:18:32+00:00", "revision_history": [ { "date": "2015-04-14T20:18:32+00:00", "number": "1", "summary": "Initial version" }, { "date": "2015-04-14T20:18:32+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T18:50:56+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux (v. 5 server)", "product": { "name": "Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "product": { "name": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_id": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-src@1.7.0.79-2.5.5.2.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "product": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_id": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-devel@1.7.0.79-2.5.5.2.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "product": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_id": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-demo@1.7.0.79-2.5.5.2.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_id": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.79-2.5.5.2.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "product": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_id": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-javadoc@1.7.0.79-2.5.5.2.el5_11?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "product": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_id": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-debuginfo@1.7.0.79-2.5.5.2.el5_11?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_id": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-demo@1.7.0.79-2.5.5.2.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_id": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-javadoc@1.7.0.79-2.5.5.2.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_id": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-devel@1.7.0.79-2.5.5.2.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product": { "name": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_id": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-src@1.7.0.79-2.5.5.2.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_id": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-debuginfo@1.7.0.79-2.5.5.2.el5_11?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_id": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.79-2.5.5.2.el5_11?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "product_id": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.79-2.5.5.2.el5_11?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Client-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "relates_to_product_reference": "5Server-5.11.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "relates_to_product_reference": "5Server-5.11.Z" } ] }, "vulnerabilities": [ { "cve": "CVE-2005-1080", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2010-05-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "606442" } ], "notes": [ { "category": "description", "text": "A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted.", "title": "Vulnerability description" }, { "category": "summary", "text": "jar: directory traversal vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2005-1080" }, { "category": "external", "summary": "RHBZ#606442", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=606442" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2005-1080", "url": "https://www.cve.org/CVERecord?id=CVE-2005-1080" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1080", "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1080" } ], "release_date": "2005-01-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-14T20:18:32+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0807" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jar: directory traversal vulnerability" }, { "cve": "CVE-2015-0460", "discovery_date": "2015-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1211285" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect handling of phantom references (Hotspot, 8071931)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-0460" }, { "category": "external", "summary": "RHBZ#1211285", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211285" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0460", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0460" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0460", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0460" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA" } ], "release_date": "2015-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-14T20:18:32+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0807" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: incorrect handling of phantom references (Hotspot, 8071931)" }, { "cve": "CVE-2015-0469", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2015-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1210829" } ], "notes": [ { "category": "description", "text": "An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-0469" }, { "category": "external", "summary": "RHBZ#1210829", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210829" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0469", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0469" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA" } ], "release_date": "2015-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-14T20:18:32+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0807" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699)" }, { "cve": "CVE-2015-0477", "discovery_date": "2015-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1211299" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-0477" }, { "category": "external", "summary": "RHBZ#1211299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0477", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0477" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0477", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0477" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA" } ], "release_date": "2015-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-14T20:18:32+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0807" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)" }, { "acknowledgments": [ { "names": [ "Florian Weimer" ], "organization": "Red Hat Product Security", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2015-0478", "cwe": { "id": "CWE-358", "name": "Improperly Implemented Security Check for Standard" }, "discovery_date": "2015-01-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1210355" } ], "notes": [ { "category": "description", "text": "It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient hardening of RSA-CRT implementation (JCE, 8071726)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-0478" }, { "category": "external", "summary": "RHBZ#1210355", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1210355" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0478", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0478" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0478", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0478" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA" }, { "category": "external", "summary": "https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf", "url": "https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf" }, { "category": "external", "summary": "https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/", "url": "https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/" } ], "release_date": "2015-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-14T20:18:32+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0807" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: insufficient hardening of RSA-CRT implementation (JCE, 8071726)" }, { "cve": "CVE-2015-0480", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2015-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1211504" } ], "notes": [ { "category": "description", "text": "A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: jar directory traversal issues (Tools, 8064601)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-0480" }, { "category": "external", "summary": "RHBZ#1211504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211504" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0480", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0480" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0480", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0480" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA" } ], "release_date": "2005-01-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-14T20:18:32+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0807" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: jar directory traversal issues (Tools, 8064601)" }, { "cve": "CVE-2015-0488", "cwe": { "id": "CWE-248", "name": "Uncaught Exception" }, "discovery_date": "2015-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1211543" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: certificate options parsing uncaught exception (JSSE, 8068720)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-0488" }, { "category": "external", "summary": "RHBZ#1211543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211543" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0488", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0488" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0488", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0488" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA" } ], "release_date": "2015-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-14T20:18:32+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0807" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Client-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Client-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.src", "5Server-5.11.Z:java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11.x86_64", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.i386", "5Server-5.11.Z:java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: certificate options parsing uncaught exception (JSSE, 8068720)" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.