Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Oracle Java SE 6 < Update 101 / 7 < Update 85 / 8 < Update 51 Multiple Vulnerabilities

Critical

Synopsis

The remote host is missing a critical Oracle Java SE patch update.

Description

The Oracle Java SE installed on the remote host is version 6 prior to Update 101, 7 prior to Update 85, or 8 prior to Update 51 and is affected by multiple vulnerabilities:

- A flaw in the 'ObjectInputStream::readSerialData()' function in 'share/classes/java/io/ObjectInputStream.java' that is triggered when handling OIS data allowing a context-dependent attacker to execute arbitrary code. (CVE-2015-2590) - An unspecified flaw related to the Hotspot component may allow a context-dependent attacker to have an impact on integrity. (CVE-2015-2596) - A flaw in the JCE component as various cryptographic operations use non-constant time comparisons allowing a remote attacker to conduct timing attacks in order to possibly glean sensitive information. (CVE-2015-2601) - A flaw in the 'ECDH_Derive()' function in 'share/native/sun/security/ec/impl/ec.c' related to missing EC parameter validation when performing ECDH key derivation allowing a remote attacker to disclose potentially sensitive information. (CVE-2015-2613) - An unspecified flaw related to the 2D component may allow a context-dependent attacker to gain access to sensitive information. (CVE-2015-2619) - A flaw in the 'RMIConnectionImpl' constructor in 'share/classes/javax/management/remote/rmi/RMIConnectionImpl.java'. The issue is triggered due to improper permission checks when creating repository class loaders allowing a context-dependent attacker to bypass sandbox restrictions and disclose sensitive information. (CVE-2015-2621) - A flaw in the JSSE component that is triggered when performing X.509 certificate identity checks allowing a remote attacker to have a certificate for another domain being accepted as valid. (CVE-2015-2625) - An unspecified flaw related to the Install component allowing a remote attacker to gain access to sensitive information. (CVE-2015-2627) - A typecasting flaw in 'share/classes/com/sun/corba/se/impl/io/IIOPInputStream.java' that is triggered when handling IIOP operations allowing a context-dependent attacker to potentially execute arbitrary code. (CVE-2015-2628) - International Components for Unicode for C/C++ (ICU4C) contains an integer overflow condition in the 'LETableReference::verifyLength()' function in 'layout/LETableReference.h'. With a specially crafted font, a context-dependent attacker can crash an application linked against the library or potentially disclose memory contents. (CVE-2015-2632) - An unspecified flaw related to the 2D component allowing a context-dependent attacker to gain access to sensitive information. (CVE-2015-2637) - An unspecified flaw related to the 2D component allowing a context-dependent attacker to execute arbitrary code. (CVE-2015-2638) - A NULL pointer dereference flaw in 'share/classes/com/sun/crypto/provider/GCTR.java' related to the GCM (Galois Counter Mode) implementation. The issue is triggered when performing encryption using a block cipher in GCM mode and may allow a remote attacker to cause a crash. (CVE-2015-2659) - An unspecified flaw in the Deployment component allowing a local attacker to gain elevated privileges. (CVE-2015-2664) - An unspecified flaw related to the Deployment component may allow a remote attacker to have an impact on confidentiality and integrity. (CVE-2015-4729) - A flaw in 'share/classes/javax/management/MBeanServerInvocationHandler.java' is triggered when handling MBean connection proxy classes allowing a context-dependent attacker to bypass sandbox restrictions and potentially execute arbitrary code. (CVE-2015-4731) - A flaw in 'share/classes/java/io/ObjectInputStream.java' and 'share/classes/java/io/SerialCallbackContext.java' related to insufficient context checks allowing a context-dependent attacker to potentially execute arbitrary code. (CVE-2015-4732) - A flaw in the 'RemoteObjectInvocationHandler::invoke()' function in 'share/classes/java/rmi/server/RemoteObjectInvocationHandler.java'. The issue is triggered as calls to the finalize() method are permitted allowing a context-dependent attacker to bypass sandbox protections and potentially execute arbitrary code. (CVE-2015-4733) - An unspecified flaw related to the Deployment component may allow a context-dependent attacker to execute arbitrary code. (CVE-2015-4736) - A flaw that is triggered when handling Online Certificate Status Protocol (OCSP) responses with no 'nextUpdate' date specified allowing a remote attacker to cause an application to accept a revoked X.509 certificate. (CVE-2015-4748) - A flaw in the 'DnsClient::query()' function in 'share/classes/com/sun/jndi/dns/DnsClient.java'. The issue is triggered as JNDI DnsClient's exception handling fails to release request information allowing a remote attacker to exhaust memory resources and cause a denial of service. (CVE-2015-4749) -International Components for Unicode for C/C++ (ICU4C) contains overflow conditions in the layout engine. With a specially crafted font, a context-dependent attacker can cause a buffer overflow, crashing an application linked against the library or potentially allowing execution of arbitrary code. (CVE-2015-4760)

Solution

Update to Oracle Java SE 6 Update 101 / 7 Update 85 / 8 Update 51 or later.