Debian DSA-2722-1 : openjdk-7 - several vulnerabilities

Critical Nessus Plugin ID 68889


The remote Debian host is missing a security-related update.


Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.


Upgrade the openjdk-7 packages.

For the stable distribution (wheezy), these problems have been fixed in version 7u25-2.3.10-1~deb7u1. In addition icedtea-web needed to be updated to 1.4-3~deb7u1.

See Also

Plugin Details

Severity: Critical

ID: 68889

File Name: debian_DSA-2722.nasl

Version: $Revision: 1.16 $

Type: local

Agent: unix

Published: 2013/07/16

Modified: 2016/05/05

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:ND

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:openjdk-7, cpe:/o:debian:debian_linux:7.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/07/15

Exploitable With

Core Impact

Metasploit (Java storeImageArray() Invalid Array Indexing Vulnerability)

Reference Information

CVE: CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473

OSVDB: 94335, 94336, 94337, 94339, 94340, 94341, 94346, 94347, 94348, 94350, 94352, 94353, 94354, 94355, 94356, 94357, 94358, 94362, 94363, 94364, 94365, 94366, 94367, 94368, 94369, 94370, 94371, 94372, 94373, 94374

DSA: 2722