Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to "Features set on SchemaFactory not inherited by Validator."
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054115.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054134.html
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://marc.info/?l=bugtraq&m=134254957702612&w=2
http://secunia.com/advisories/43350
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://www.debian.org/security/2011/dsa-2224
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-003/index.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:054
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html
http://www.redhat.com/support/errata/RHSA-2011-0281.html
http://www.redhat.com/support/errata/RHSA-2011-0282.html
http://www.securityfocus.com/bid/46387
https://exchange.xforce.ibmcloud.com/vulnerabilities/65404
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12887
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14076
Source: MITRE
Published: 2011-02-17
Updated: 2017-12-22
Type: NVD-CWE-noinfo
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
OR
cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*
cpe:2.3:a:sun:jre:*:update_23:*:*:*:*:*:* versions up to 1.6.0 (inclusive)
cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
OR
cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:*:update_23:*:*:*:*:*:* versions up to 1.6.0 (inclusive)
cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
89681 | VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0013) (remote check) | Nessus | Misc. | critical |
76303 | GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT) | Nessus | Gentoo Local Security Checks | critical |
75872 | openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-4147) | Nessus | SuSE Local Security Checks | critical |
75541 | openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2011:0126-1) | Nessus | SuSE Local Security Checks | critical |
75538 | openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2011:0155-1) | Nessus | SuSE Local Security Checks | critical |
68205 | Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2011-0281) | Nessus | Oracle Linux Local Security Checks | critical |
65100 | Ubuntu 10.10 : openjdk-6b18 vulnerabilities (USN-1079-3) | Nessus | Ubuntu Local Security Checks | critical |
65099 | Ubuntu 9.10 / 10.04 LTS : openjdk-6b18 vulnerabilities (USN-1079-2) | Nessus | Ubuntu Local Security Checks | critical |
64844 | Oracle Java SE Multiple Vulnerabilities (February 2011 CPU) (Unix) | Nessus | Misc. | critical |
60964 | Scientific Linux Security Update : java (jdk 1.6.0) on SL4.x, SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
60963 | Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
59684 | HP Systems Insight Manager < 7.0 Multiple Vulnerabilities | Nessus | Windows | critical |
56724 | GLSA-201111-02 : Oracle JRE/JDK: Multiple vulnerabilities (BEAST) | Nessus | Gentoo Local Security Checks | critical |
56665 | VMSA-2011-0013 : VMware third-party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX | Nessus | VMware ESX Local Security Checks | critical |
53736 | openSUSE Security Update : java-1_6_0-sun (openSUSE-SU-2011:0126-1) | Nessus | SuSE Local Security Checks | critical |
53735 | openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2011:0155-1) | Nessus | SuSE Local Security Checks | critical |
53507 | Debian DSA-2224-1 : openjdk-6 - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
53421 | CentOS 5 : java-1.6.0-openjdk (CESA-2011:0281) | Nessus | CentOS Local Security Checks | critical |
53001 | Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2011:054) | Nessus | Mandriva Local Security Checks | critical |
52588 | Mac OS X : Java for Mac OS X 10.6 Update 4 | Nessus | MacOS X Local Security Checks | high |
52587 | Mac OS X : Java for Mac OS X 10.5 Update 9 | Nessus | MacOS X Local Security Checks | high |
52498 | Ubuntu 9.10 / 10.04 LTS / 10.10 : openjdk-6 vulnerabilities (USN-1079-1) | Nessus | Ubuntu Local Security Checks | critical |
52068 | SuSE 10 Security Update : IBM Java 1.6 (ZYPP Patch Number 7342) | Nessus | SuSE Local Security Checks | critical |
52067 | SuSE 11.1 Security Update : Sun Java 1.6 (SAT Patch Number 3976) | Nessus | SuSE Local Security Checks | critical |
52021 | RHEL 4 / 5 / 6 : java-1.6.0-sun (RHSA-2011:0282) | Nessus | Red Hat Local Security Checks | critical |
52020 | RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2011:0281) | Nessus | Red Hat Local Security Checks | critical |
52006 | Fedora 14 : java-1.6.0-openjdk-1.6.0.0-52.1.9.7.fc14 (2011-1645) | Nessus | Fedora Local Security Checks | critical |
52005 | Fedora 13 : java-1.6.0-openjdk-1.6.0.0-50.1.8.7.fc13 (2011-1631) | Nessus | Fedora Local Security Checks | critical |
52002 | Oracle Java SE Multiple Vulnerabilities (February 2011 CPU) | Nessus | Windows | critical |