Scientific Linux Security Update : jdk-1.6.0 on SL 5.0 - 5.8 (i386 x86_64)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

Multiple fixes. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342,
CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423,
CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427,
CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0432,
CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438,
CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443,
CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-1473,
CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480,
CVE-2013-1481)

As a reminder, the closed source Java6 packages are not present in
Scientific Linux 5.9. Public updates to the closed source package are
being discontinued by upstream. Scientific Linux 6 has never included
the closed source Java packages.

http://www.oracle.com/technetwork/java/eol-135779.html

All running instances of Java must be restarted for the update to take
effect.

See also :

http://www.nessus.org/u?4905b687
http://www.oracle.com/technetwork/java/eol-135779.html

Solution :

Update the affected java-1.6.0-sun-compat and / or jdk packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true