openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-602)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Specially crafted image files could cause an integer overflow in the
lcms library contained in openjdk. Attackers could potentially exploit
that to crash applications using lcms or even execute arbitrary code
(CVE-2009-0723, CVE-2009-0581, CVE-2009-0733).

See also :

https://bugzilla.novell.com/show_bug.cgi?id=479608

Solution :

Update the affected java-1_6_0-openjdk packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 40239 ()

Bugtraq ID:

CVE ID: CVE-2009-0581
CVE-2009-0723
CVE-2009-0733

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now