SuSE 11.3 Security Update : java-1_7_0-openjdk (SAT Patch Number 8090)

Critical Nessus Plugin ID 69071


The remote SuSE 11 host is missing one or more security updates.


This update to icedtea-2.4.1 fixes various security issues :

- S6741606, CVE-2013-2407: Integrate Apache Santuario

- S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls

- S7170730, CVE-2013-2451: Improve Windows network stack support.

- S8000638, CVE-2013-2450: Improve deserialization

- S8000642, CVE-2013-2446: Better handling of objects for transportation

- S8001033, CVE-2013-2452: Refactor network address handling in virtual machine identifiers

- S8001034, CVE-2013-1500: Memory management improvements

- S8001038, CVE-2013-2444: Resourcefully handle resources

- S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with InetAddress.getLocalHost

- S8001330, CVE-2013-2443: Improve on checking order (non-Zero builds only)

- S8003703, CVE-2013-2412: Update RMI connection dialog box

- S8004288, CVE-2013-2449: (fs) Files.probeContentType problems

- S8006328, CVE-2013-2448: Improve robustness of sound classes

- S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes

- S8008120, CVE-2013-2457: Improve JMX class checking

- S8008124, CVE-2013-2453: Better compliance testing

- S8008132, CVE-2013-2456: Better serialization support

- S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606

- S8009057, CVE-2013-2448: Improve MIDI event handling

- S8009071, CVE-2013-2459: Improve shape handling

- S8009424, CVE-2013-2458: Adapt Nashorn to JSR-292 implementation change

- S8009554, CVE-2013-2454: Improve SerialJavaObject.getFields

- S8010209, CVE-2013-2460: Better provision of factories

- S8011243, CVE-2013-2470: Improve ImagingLib

- S8011248, CVE-2013-2471: Better Component Rasters

- S8011253, CVE-2013-2472: Better Short Component Rasters

- S8011257, CVE-2013-2473: Better Byte Component Rasters

- S8012375, CVE-2013-1571: Improve Javadoc framing

- S8012438, CVE-2013-2463: Better image validation

- S8012597, CVE-2013-2465: Better image channel verification

- S8012601, CVE-2013-2469: Better validation of image layouts

- S8014281, CVE-2013-2461: Better checking of XML signature


Apply SAT patch number 8090.

See Also

Plugin Details

Severity: Critical

ID: 69071

File Name: suse_11_java-1_7_0-openjdk-130719.nasl

Version: $Revision: 1.10 $

Type: local

Agent: unix

Published: 2013/07/26

Modified: 2013/11/18

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk, p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk-demo, p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk-devel, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/07/19

Exploitable With

Core Impact

Metasploit (Java storeImageArray() Invalid Array Indexing Vulnerability)

Reference Information

CVE: CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473