Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

openjdk-6 vulnerabilities

Related Vulnerabilities: CVE-2012-1682   CVE-2012-0547  

Two security issues were fixed in OpenJDK 6.

It was discovered that the Beans component in OpenJDK 6 did not properly prevent access to restricted classes. A remote attacker could use this to create an untrusted Java applet or application that would bypass Java sandbox restrictions. (CVE-2012-1682)

Source

3 September 2012

openjdk-6 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 LTS
  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.04 LTS

Summary

Two security issues were fixed in OpenJDK 6.

Software Description

  • openjdk-6 - Open Source Java implementation

Details

It was discovered that the Beans component in OpenJDK 6 did not properly prevent access to restricted classes. A remote attacker could use this to create an untrusted Java applet or application that would bypass Java sandbox restrictions. (CVE-2012-1682)

It was discovered that functionality in the AWT component in OpenJDK 6 made it easier for a remote attacker, in conjunction with other vulnerabilities, to bypass Java sandbox restrictions. (CVE-2012-0547)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 LTS
icedtea-6-jre-cacao - 6b24-1.11.4-1ubuntu0.12.04.1
icedtea-6-jre-jamvm - 6b24-1.11.4-1ubuntu0.12.04.1
openjdk-6-jre - 6b24-1.11.4-1ubuntu0.12.04.1
openjdk-6-jre-headless - 6b24-1.11.4-1ubuntu0.12.04.1
openjdk-6-jre-lib - 6b24-1.11.4-1ubuntu0.12.04.1
openjdk-6-jre-zero - 6b24-1.11.4-1ubuntu0.12.04.1
Ubuntu 11.10
icedtea-6-jre-cacao - 6b24-1.11.4-1ubuntu0.11.10.1
icedtea-6-jre-jamvm - 6b24-1.11.4-1ubuntu0.11.10.1
openjdk-6-jre - 6b24-1.11.4-1ubuntu0.11.10.1
openjdk-6-jre-headless - 6b24-1.11.4-1ubuntu0.11.10.1
openjdk-6-jre-lib - 6b24-1.11.4-1ubuntu0.11.10.1
openjdk-6-jre-zero - 6b24-1.11.4-1ubuntu0.11.10.1
Ubuntu 11.04
icedtea-6-jre-cacao - 6b24-1.11.4-1ubuntu0.11.04.1
icedtea-6-jre-jamvm - 6b24-1.11.4-1ubuntu0.11.04.1
openjdk-6-jre - 6b24-1.11.4-1ubuntu0.11.04.1
openjdk-6-jre-headless - 6b24-1.11.4-1ubuntu0.11.04.1
openjdk-6-jre-lib - 6b24-1.11.4-1ubuntu0.11.04.1
openjdk-6-jre-zero - 6b24-1.11.4-1ubuntu0.11.04.1
Ubuntu 10.04 LTS
icedtea-6-jre-cacao - 6b24-1.11.4-1ubuntu0.10.04.1
openjdk-6-jre - 6b24-1.11.4-1ubuntu0.10.04.1
openjdk-6-jre-headless - 6b24-1.11.4-1ubuntu0.10.04.1
openjdk-6-jre-lib - 6b24-1.11.4-1ubuntu0.10.04.1
openjdk-6-jre-zero - 6b24-1.11.4-1ubuntu0.10.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart any Java applets or applications to make all the necessary changes.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started