Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

openjdk-6, openjdk-7 vulnerabilities

Related Vulnerabilities: CVE-2012-1541   CVE-2012-3342   CVE-2013-0351   CVE-2013-0419   CVE-2013-0423   CVE-2013-0446   CVE-2012-3213   CVE-2013-0425   CVE-2013-0426   CVE-2013-0428   CVE-2013-0429   CVE-2013-0430   CVE-2013-0441   CVE-2013-0442   CVE-2013-0445   CVE-2013-0450   CVE-2013-1475   CVE-2013-1476   CVE-2013-1478   CVE-2013-1480   CVE-2013-0409   CVE-2013-0434   CVE-2013-0438   CVE-2013-0424   CVE-2013-0427   CVE-2013-0433   CVE-2013-1473   CVE-2013-0432   CVE-2013-0435   CVE-2013-0443   CVE-2013-0440   CVE-2013-0444   CVE-2013-0448   CVE-2013-0449   CVE-2013-1481  

Several security issues were fixed in OpenJDK.

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. (CVE-2012-1541, CVE-2012-3342, CVE-2013-0351, CVE-2013-0419, CVE-2013-0423, CVE-2013-0446, CVE-2012-3213, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0441, CVE-2013-0442, CVE-2013-0445, CVE-2013-0450, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480)

Source

14 February 2013

openjdk-6, openjdk-7 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.10
  • Ubuntu 12.04 LTS
  • Ubuntu 11.10
  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in OpenJDK.

Software Description

  • openjdk-7 - Open Source Java implementation
  • openjdk-6 - Open Source Java implementation

Details

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. (CVE-2012-1541, CVE-2012-3342, CVE-2013-0351, CVE-2013-0419, CVE-2013-0423, CVE-2013-0446, CVE-2012-3213, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0441, CVE-2013-0442, CVE-2013-0445, CVE-2013-0450, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480)

Vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. (CVE-2013-0409, CVE-2013-0434, CVE-2013-0438)

Several data integrity vulnerabilities were discovered in the OpenJDK JRE. (CVE-2013-0424, CVE-2013-0427, CVE-2013-0433, CVE-2013-1473)

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. (CVE-2013-0432, CVE-2013-0435, CVE-2013-0443)

A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2013-0440)

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 12.10. (CVE-2013-0444)

A data integrity vulnerability was discovered in the OpenJDK JRE. This issue only affected Ubuntu 12.10. (CVE-2013-0448)

An information disclosure vulnerability was discovered in the OpenJDK JRE. This issue only affected Ubuntu 12.10. (CVE-2013-0449)

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service. This issue did not affect Ubuntu 12.10. (CVE-2013-1481)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.10
icedtea-7-jre-jamvm - 7u13-2.3.6-0ubuntu0.12.10.1
openjdk-7-jre - 7u13-2.3.6-0ubuntu0.12.10.1
openjdk-7-jre-headless - 7u13-2.3.6-0ubuntu0.12.10.1
openjdk-7-jre-lib - 7u13-2.3.6-0ubuntu0.12.10.1
openjdk-7-jre-zero - 7u13-2.3.6-0ubuntu0.12.10.1
Ubuntu 12.04 LTS
icedtea-6-jre-cacao - 6b27-1.12.1-2ubuntu0.12.04.2
icedtea-6-jre-jamvm - 6b27-1.12.1-2ubuntu0.12.04.2
openjdk-6-jre - 6b27-1.12.1-2ubuntu0.12.04.2
openjdk-6-jre-headless - 6b27-1.12.1-2ubuntu0.12.04.2
openjdk-6-jre-lib - 6b27-1.12.1-2ubuntu0.12.04.2
openjdk-6-jre-zero - 6b27-1.12.1-2ubuntu0.12.04.2
Ubuntu 11.10
icedtea-6-jre-cacao - 6b27-1.12.1-2ubuntu0.11.10.2
icedtea-6-jre-jamvm - 6b27-1.12.1-2ubuntu0.11.10.2
openjdk-6-jre - 6b27-1.12.1-2ubuntu0.11.10.2
openjdk-6-jre-headless - 6b27-1.12.1-2ubuntu0.11.10.2
openjdk-6-jre-lib - 6b27-1.12.1-2ubuntu0.11.10.2
openjdk-6-jre-zero - 6b27-1.12.1-2ubuntu0.11.10.2
Ubuntu 10.04 LTS
icedtea-6-jre-cacao - 6b27-1.12.1-2ubuntu0.10.04.2
openjdk-6-jre - 6b27-1.12.1-2ubuntu0.10.04.2
openjdk-6-jre-headless - 6b27-1.12.1-2ubuntu0.10.04.2
openjdk-6-jre-lib - 6b27-1.12.1-2ubuntu0.10.04.2
openjdk-6-jre-zero - 6b27-1.12.1-2ubuntu0.10.04.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started