AIX Java Advisory : java_oct2016_advisory.asc (October 2016 CPU)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The version of Java SDK installed on the remote AIX host is affected
by multiple vulnerabilities.

Description :

The version of Java SDK installed on the remote AIX host is affected
by multiple vulnerabilities in the following subcomponents :

- An unspecified flaw exists in the Libraries subcomponent
that allows an unauthenticated, remote attacker to
impact integrity. (CVE-2016-5542)

- An unspecified flaw exists in the JMX subcomponent that
allows an unauthenticated, remote attacker to impact
integrity. (CVE-2016-5554)

- An unspecified flaw exists in the 2D subcomponent that
allows an unauthenticated, remote attacker to execute
arbitrary code. (CVE-2016-5556)

- An unspecified flaw exists in the AWT subcomponent that
allows an unauthenticated, remote attacker to execute
arbitrary code. (CVE-2016-5568)

- An unspecified flaw exists in the Networking
subcomponent that allows an unauthenticated, remote
attacker to disclose sensitive information.
(CVE-2016-5597)

See also :

http://www.nessus.org/u?5c188e0d
http://www.nessus.org/u?ce533d8f
http://www.nessus.org/u?17d05c61
http://www.nessus.org/u?d4595696
http://www.nessus.org/u?9abd5252
http://www.nessus.org/u?4ee03dc1
http://www.nessus.org/u?8f7a066c
http://www.nessus.org/u?52d4ddf3
http://www.nessus.org/u?343fa903
http://www.nessus.org/u?bac902d5

Solution :

Fixes are available by version and can be downloaded from the IBM AIX
website.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: AIX Local Security Checks

Nessus Plugin ID: 97051 ()

Bugtraq ID: 93618
93621
93623
93628
93636
93637
93643

CVE ID: CVE-2016-5542
CVE-2016-5554
CVE-2016-5556
CVE-2016-5568
CVE-2016-5573
CVE-2016-5597

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now