Detections
Analytics

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.40-1.13.12.6.AXS4 (AXSA:2016-642:04)

critical Nessus Plugin ID 289462

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-642:04 advisory.

 The OpenJDK runtime environment.
 Security issues fixed with this release:
 CVE-2016-3458 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92;
 and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.
 CVE-2016-3500 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92;
 Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
 CVE-2016-3508 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92;
 Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
 CVE-2016-3550 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.
 CVE-2016-3606 Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected java-1.6.0-openjdk, java-1.6.0-openjdk-devel and / or java-1.6.0-openjdk-javadoc packages.

See Also

https://tsn.miraclelinux.com/en/node/7074

Plugin Details

Severity: Critical

ID: 289462

File Name: miracle_linux_AXSA-2016-642.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2016-3606

CVSS v3

Risk Factor: Critical

Base Score: 9.6

Temporal Score: 8.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:java-1.6.0-openjdk-javadoc, p-cpe:/a:miracle:linux:java-1.6.0-openjdk-devel, cpe:/o:miracle:linux:4, p-cpe:/a:miracle:linux:java-1.6.0-openjdk

Required KB Items: Host/local_checks_enabled, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 8/26/2016

Vulnerability Publication Date: 7/19/2016

Reference Information

CVE: CVE-2016-3458, CVE-2016-3500, CVE-2016-3508, CVE-2016-3550, CVE-2016-3606