openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-603)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Specially crafted image files could cause an integer overflow in the
lcms library contained in openjdk. Attackers could potentially exploit
that to crash applications using lcms or even execute arbitrary code
(CVE-2009-0723, CVE-2009-0581, CVE-2009-0733).

This update also fixes problems with package dependencies that
prevented installation of the package.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=479608
https://bugzilla.novell.com/show_bug.cgi?id=483916

Solution :

Update the affected java-1_6_0-openjdk packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 40000 ()

Bugtraq ID:

CVE ID: CVE-2009-0581
CVE-2009-0723
CVE-2009-0733

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now