
Vulnerability of Java JRE/JDK: several vulnerabilities

Synthesis of the vulnerability 

Several vulnerabilities in Java JRE/JDK can be exploited by a malicious applet or application to execute arbitrary code or to obtain information. A legitimate applet or application that processes malicious data can likewise be made to execute code.
Vulnerable systems: Debian, Fedora, HPE NNMi, HP-UX, ServeRAID, Mandriva Linux, Windows (platform) ~ not comprehensive, Java OpenJDK, openSUSE, Java Oracle, RHEL, SUSE Linux Enterprise Desktop, SLES, Unix (platform) ~ not comprehensive, ESX, vCenter Server, VirtualCenter.
Severity of this threat: 4/4.
Number of vulnerabilities in this bulletin: 20.
Creation date: 19/10/2011.
References of this weakness: BID-49778, BID-50211, BID-50215, BID-50216, BID-50218, BID-50220, BID-50223, BID-50224, BID-50226, BID-50229, BID-50231, BID-50234, BID-50236, BID-50237, BID-50239, BID-50242, BID-50243, BID-50246, BID-50248, BID-50250, c03122753, c03266681, c03316985, c03358587, c03405642, CERTA-2011-AVI-541, CERTA-2011-AVI-580, CERTA-2011-AVI-675, CERTA-2012-AVI-012, CERTA-2012-AVI-045, CERTA-2012-AVI-190, CERTA-2012-AVI-238, CERTA-2012-AVI-286, CERTA-2012-AVI-395, CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3555, CVE-2011-3556, CVE-2011-3557, CVE-2011-3558, CVE-2011-3560, CVE-2011-3561, DSA-2356-1, DSA-2358-1, ESX400-201209001, ESX400-201209401-SG, ESX400-201209402-SG, ESX400-201209404-SG, FEDORA-2011-14638, FEDORA-2011-14648, FEDORA-2011-15555, HPSBMU02797, HPSBMU02799, HPSBUX02730, HPSBUX02760, HPSBUX02777, javacpuoct2011, MDVSA-2011:170, openSUSE-SU-2011:1196-1, RHSA-2011:1380-01, RHSA-2011:1384-01, RHSA-2011:1478-01, RHSA-2012:0006-01, RHSA-2012:0034-01, RHSA-2012:0343-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SSRT100710, SSRT100805, SSRT100854, SSRT100867, SUSE-SU-2011:1298-1, SUSE-SU-2012:0114-1, SUSE-SU-2012:0114-2, SUSE-SU-2012:0122-1, SUSE-SU-2012:0122-2, SUSE-SU-2020:0114-1, SUSE-SU-2020:0234-1, VIGILANCE-VUL-11072, VMSA-2012-0003, VMSA-2012-0003.1, VMSA-2012-0005.3, VMSA-2012-0008.1, VMSA-2012-0013.1, VU#864643, ZDI-11-305, ZDI-11-306, ZDI-11-307.

Description of the vulnerability 

Several vulnerabilities were announced in Java JRE/JDK. The most severe ones lead to code execution.

An attacker can use a vulnerability of AWT, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-50211, CVE-2011-3548]

An attacker can use a vulnerability of Java IIOP Deserialization, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-50215, CVE-2011-3521, ZDI-11-306]

An attacker can use a vulnerability of Java Runtime Environment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-50216, CVE-2011-3554]

An attacker can use a vulnerability of the Rhino JavaScript engine, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-50218, CVE-2011-3544, ZDI-11-305]

An attacker can use a vulnerability of Sound MixerSequencer.nAddControllerEventCallback, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-50220, CVE-2011-3545, ZDI-11-307]

An attacker can use a vulnerability of Swing, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-50223, CVE-2011-3549]

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-50224, CVE-2011-3551]

An attacker can use a vulnerability of AWT, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-50226, CVE-2011-3550]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:4/4; BID-50229, CVE-2011-3516]

An attacker can use a vulnerability of RMI, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-50231, CVE-2011-3556]

An attacker can use a vulnerability of RMI, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-50234, CVE-2011-3557]

An attacker can use a vulnerability of JSSE, in order to obtain or alter information. [severity:3/4; BID-50236, CVE-2011-3560]

An attacker can use a vulnerability of Java Runtime Environment, in order to alter information, or to create a denial of service. [severity:3/4; BID-50237, CVE-2011-3555]

An attacker can use a vulnerability of Deployment, in order to obtain or alter information. [severity:3/4; BID-50239, CVE-2011-3546]

An attacker can use a vulnerability of HotSpot, in order to obtain information. [severity:2/4; BID-50242, CVE-2011-3558]

An attacker can use a vulnerability of Networking, in order to obtain information. [severity:2/4; BID-50243, CERTA-2012-AVI-238, CVE-2011-3547]

An attacker who can observe the HTTPS connections of the victim's web browser and inject chosen plaintext into them (a man-in-the-middle with sufficient bandwidth) can exploit the predictable CBC initialization vectors of SSL 3.0 and TLS 1.0 across many SSL records in order to recover HTTP headers, such as cookies, byte by byte (BEAST, VIGILANCE-VUL-11014). [severity:1/4; BID-49778, CERTA-2011-AVI-541, CERTA-2011-AVI-580, CERTA-2011-AVI-675, CERTA-2012-AVI-012, CERTA-2012-AVI-045, CERTA-2012-AVI-190, CVE-2011-3389, VU#864643]
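
The following is an added illustration of the mechanism behind CVE-2011-3389, not code from the bulletin, from the BEAST authors or from Oracle. It models a TLS 1.0-style record layer in which the IV of each record is the last ciphertext block of the previous record, lets the attacker inject chosen records into the same session, and recovers a constructed cookie one byte at a time; it then shows that the 1/n-1 record split (the countermeasure JSSE adopted in the fixed versions, controllable through the jsse.enableCBCProtection system property) defeats the same attack. The "block cipher" is a keyed-hash stand-in for AES, since only encryption is needed, and the key, cookie and prefix byte are assumptions.

```python
"""BEAST-style chosen-plaintext attack on CBC with chained IVs (toy model).

Constructed illustration, not the BEAST tool and not Oracle's JSSE code.
The block cipher is a keyed-hash stand-in for AES (only encryption is needed
to run the attack) and the cookie value is made up.
"""
import hashlib
import os

BS = 16
SECRET_COOKIE = b"JSESSIONID=3f9a1c2e"   # constructed; what the attacker wants


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class ChainedCbcSession:
    """TLS 1.0-like record layer: the IV of record n+1 is the last ciphertext
    block of record n, i.e. it is visible on the wire before record n+1 is
    encrypted.  With split_records=True the 1/n-1 countermeasure is applied."""

    def __init__(self, key: bytes, split_records: bool = False):
        self.key = key
        self.iv = os.urandom(BS)           # only the very first IV is unpredictable
        self.split_records = split_records

    def _e(self, block: bytes) -> bytes:
        return hashlib.sha256(self.key + block).digest()[:BS]   # stand-in for AES_k

    def _encrypt_record(self, plaintext: bytes) -> bytes:
        n = BS - len(plaintext) % BS
        padded = plaintext + bytes([n - 1]) * n                # TLS-style padding
        out, prev = b"", self.iv
        for i in range(0, len(padded), BS):
            prev = self._e(xor(padded[i:i + BS], prev))
            out += prev
        self.iv = prev                      # the flaw: the next IV is now public
        return out

    def encrypt(self, plaintext: bytes) -> bytes:
        if self.split_records and len(plaintext) > 1:
            # 1/n-1 split: the first byte travels alone, so the IV used for the
            # remaining n-1 bytes is unknown at the time the plaintext is chosen.
            return self._encrypt_record(plaintext[:1]) + self._encrypt_record(plaintext[1:])
        return self._encrypt_record(plaintext)


def beast_recover(session: ChainedCbcSession, cookie_oracle, secret_len: int) -> bytes:
    """Recover a secret that the victim appends to attacker-chosen prefixes.

    cookie_oracle(prefix) models the browser sending prefix || secret in the
    session; the attacker also injects chosen records via session.encrypt and
    reads every ciphertext block (hence the next IV) off the wire."""
    recovered = b""
    for i in range(secret_len):
        prefix = b"A" * (BS - 1 - i % BS)   # place secret[i] at the end of a block
        iv_before = session.iv
        ct = cookie_oracle(prefix)
        blocks = [ct[j:j + BS] for j in range(0, len(ct), BS)]
        t = (len(prefix) + i) // BS         # block holding secret[i]
        c_prev = blocks[t - 1] if t else iv_before
        known15 = (prefix + recovered)[t * BS:t * BS + BS - 1]
        for g in range(256):
            guess = known15 + bytes([g])
            # E(chosen XOR iv_now) == E(guess XOR c_prev) == blocks[t]  iff g is right
            chosen = xor(xor(guess, c_prev), session.iv)
            if session.encrypt(chosen)[:BS] == blocks[t]:
                recovered += bytes([g])
                break
        else:
            break                            # no guess matched: attack defeated
    return recovered


def run_demo(key: bytes = b"\x01" * 16):
    """Return (bytes recovered from a vulnerable session, from a split session)."""
    results = []
    for split in (False, True):
        s = ChainedCbcSession(key, split_records=split)
        results.append(beast_recover(s, lambda p: s.encrypt(p + SECRET_COOKIE),
                                     len(SECRET_COOKIE)))
    return tuple(results)


if __name__ == "__main__":
    vulnerable, mitigated = run_demo()
    print("chained IV :", vulnerable)
    print("1/n-1 split:", mitigated)
```

The attack needs at most 256 injected records per secret byte, which is why the bulletin speaks of "sufficient bandwidth"; with the split enabled the first guess already fails and nothing is recovered. On a real session the same check applies to any CBC cipher suite negotiated under TLS 1.0 or SSL 3.0, so besides updating Java, prefer TLS 1.1 or later where the peer supports it.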

An attacker can use a vulnerability of JAXWS, in order to obtain information. [severity:2/4; BID-50246, CVE-2011-3553]

An attacker (for instance through an applet) can open numerous UDP ports, leaving the resolver fewer source ports to randomize and so facilitating a DNS cache poisoning attack (VIGILANCE-VUL-11087). [severity:1/4; BID-50248, CVE-2011-3552]

An attacker can use a vulnerability of Deployment, in order to obtain information. [severity:1/4; BID-50250, CVE-2011-3561]

Our Vigil@nce team rates the severity of this vulnerability note as critical (4/4).

Trust level: confirmed by the vendor (origin: vendor document).

A proof of concept or an attack tool is available, so your teams must process this alert. An attacker with technician-level skills can exploit it.

Solutions for this threat 

Java JDK, JRE: version 7 Update 1.
Version 7 Update 1 contains the fix:
  http://www.oracle.com/technetwork/java/javase/downloads/index.html

Java JDK, JRE: version 6 Update 29.
Version 6 Update 29 contains the fix:
  http://www.oracle.com/technetwork/java/javase/downloads/index.html

Java JDK, JRE: version 5.0 Update 32.
Version 5.0 Update 32 contains the fix:
  http://www.oracle.com/technetwork/java/javase/downloads/index.html
  http://www.oracle.com/technetwork/java/javase/documentation/overview-137139.html

Java SDK, JRE: version 1.4.2_34.
Version 1.4.2_34 contains the fix:
  http://www.oracle.com/technetwork/java/javase/downloads/index.html
  http://www.oracle.com/technetwork/java/javase/documentation/overview-142120.html
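
A practitioner rolling out the Oracle fixes above wants a quick way to tell whether a given JRE/JDK is at or beyond the fixed update level. The script below is an added example, not Vigil@nce or Oracle tooling: it parses the banner printed by `java -version` and compares it with the update levels listed above (7u1, 6u29, 5.0u32, 1.4.2_34). The sample banners are constructed. For OpenJDK and IBM builds the update number is not meaningful, because distributions backport fixes, so the script only flags them and the package version must be compared with the distribution entries further down instead.

```python
"""Check a `java -version` banner against the fixed update levels listed in
this bulletin's Solutions section.  Constructed example, not Vigil@nce or
Oracle tooling; the sample banners below are made up."""
import re
import subprocess

# Oracle/Sun JDK and JRE: first update that fixes this bulletin (from above).
FIXED_UPDATE = {"1.7.0": 1, "1.6.0": 29, "1.5.0": 32, "1.4.2": 34}

# Matches e.g.  java version "1.6.0_26"  or  java version "1.7.0"
VERSION_RE = re.compile(r'(?:java|openjdk) version "(\d+\.\d+\.\d+)(?:_(\d+))?"')


def parse_banner(banner: str):
    """Return (family, update, is_openjdk) or None if the banner is unreadable."""
    m = VERSION_RE.search(banner)
    if not m:
        return None
    family, update = m.group(1), int(m.group(2) or 0)
    is_openjdk = "OpenJDK" in banner or "IcedTea" in banner
    return family, update, is_openjdk


def assess(banner: str) -> tuple:
    """Return (status, detail); status is 'fixed', 'vulnerable', 'openjdk' or 'unknown'."""
    parsed = parse_banner(banner)
    if parsed is None:
        return "unknown", "could not parse version banner"
    family, update, is_openjdk = parsed
    if is_openjdk:
        # Distribution builds backport fixes: compare the package version
        # (e.g. java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7) with the advisory.
        return "openjdk", f"{family}_{update:02d}: check package version, not update level"
    if family not in FIXED_UPDATE:
        return "unknown", f"family {family} not covered by this bulletin"
    need = FIXED_UPDATE[family]
    if update >= need:
        return "fixed", f"{family}_{update:02d} >= {family}_{need:02d}"
    return "vulnerable", f"{family}_{update:02d} < {family}_{need:02d}"


def check_local_java(java: str = "java") -> tuple:
    """Run `java -version` (it prints to stderr) and assess the result."""
    proc = subprocess.run([java, "-version"], capture_output=True, text=True)
    return assess(proc.stderr + proc.stdout)


# Constructed sample banners in the format the JDK prints.
SAMPLE_BANNERS = {
    "6u26": 'java version "1.6.0_26"\nJava(TM) SE Runtime Environment (build 1.6.0_26-b03)\n',
    "6u29": 'java version "1.6.0_29"\nJava(TM) SE Runtime Environment (build 1.6.0_29-b11)\n',
    "7":    'java version "1.7.0"\nJava(TM) SE Runtime Environment (build 1.7.0-b147)\n',
    "7u1":  'java version "1.7.0_01"\nJava(TM) SE Runtime Environment (build 1.7.0_01-b08)\n',
    "openjdk6": 'java version "1.6.0_22"\nOpenJDK Runtime Environment (IcedTea6 1.10.4)\n',
}

if __name__ == "__main__":
    for name, banner in SAMPLE_BANNERS.items():
        print(f"{name:9s} {assess(banner)}")
    try:
        print("local     ", check_local_java())
    except FileNotFoundError:
        print("local      no java binary on PATH")
```

Run it on every JRE a host carries, not only the one first on PATH: browser plug-ins, application servers and the bundled JREs of products such as the VMware and HP software listed below each ship their own copy, which is why those vendors publish separate patches.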

Debian 5: new openjdk-6 packages.
New packages are available:
  openjdk-6 6b18-1.8.10-0~lenny1

Debian 6: new openjdk-6 packages.
New packages are available:
  openjdk-6 6b18-1.8.10-0+squeeze1

Fedora 16: new java-1.7.0-openjdk packages.
New packages are available:
  java-1.7.0-openjdk-1.7.0.1-2.0.2.fc16

Fedora: new java-1.6.0-openjdk packages.
New packages are available:
  java-1.6.0-openjdk-1.6.0.0-55.1.9.10.fc14
  java-1.6.0-openjdk-1.6.0.0-60.1.10.4.fc15

HP NNMi 9.0: hotfix for JDK.
A hotfix is available:
  HP-UX : Patch 5 : Hotfix-NNMi-9.0xP5-HP-UX-JDK-20120710.zip
  Linux : Patch 5 : Hotfix-NNMi-9.0xP5-Linux-JDK-20120523.zip
  Solaris : Patch 5 : Hotfix-NNMi-9.0xP5-Solaris-JDK-20120523.zip
  Windows : Patch 5 : Hotfix-NNMi-9.0xP5-Windows-JDK-20120523.zip

HP NNMi 9.1: hotfix for JDK.
A hotfix is available:
  HP-UX : Patch 4 : Hotfix-NNMi-9.1xP4-HP-UX-JDK-20120710.zip
  Linux : Patch 4 : Hotfix-NNMi-9.1xP4-Linux-JDK-20120523.zip
  Solaris : Patch 4 : Hotfix-NNMi-9.1xP4-Solaris-JDK-20120523.zip
  Windows : Patch 4 : Hotfix-NNMi-9.1xP4-Windows-JDK-20120523.zip

HP-UX: Java version 1.4.2.28.
Java version 1.4.2.28 contains the fix:
  http://www.hp.com/go/java

HP-UX: Java version 1.5.0.25.00.
Version 1.5.0.25.00 contains the fix:
  http://www.hp.com/go/java

HP-UX: JDK/JRE version 6.0.13.
Version 6.0.13 contains the fix:
  http://www.hp.com/go/java

IBM Java: versions 1.4.2 SR13-FP11, 5.0 SR13 and 6 SR10.
Versions 1.4.2 SR13-FP11, 5.0 SR13 and 6 SR10 contain the fix:
  http://www.ibm.com/developerworks/java/

IBM ServeRAID Manager: workaround.
A workaround is to uninstall IBM ServeRAID Manager, which is no longer supported.

Mandriva: new java-1.6.0-openjdk packages.
New packages are available:
  java-1.6.0-openjdk-1.6.0.0-24.b22.1mdv2010.2
  java-1.6.0-openjdk-1.6.0.0-24.b22.1-mdv2011.0
  java-1.6.0-openjdk-1.6.0.0-24.b22.1mdvmes5.2

openSUSE: new java-1_6_0-openjdk packages.
New packages are available:
  openSUSE 11.3 : java-1_6_0-openjdk-1.6.0.0_b22.1.10.4-0.3.2
  openSUSE 11.4 : java-1_6_0-openjdk-1.6.0.0_b22.1.10.4-0.3.2

Red Hat Satellite: new java-1.6.0-ibm packages.
New packages are available:
Red Hat Satellite (RHEL v.5):
  java-1.6.0-ibm-1.6.0.14.0-1jpp.1.el5_9
Red Hat Satellite (RHEL v.6):
  java-1.6.0-ibm-1.6.0.14.0-1jpp.1.el6_4

RHEL 4E, 5S, 6S: new java-1.5.0-ibm packages.
New packages are available:
  java-1.5.0-ibm-1.5.0.13.0-1jpp.1.el4
  java-1.5.0-ibm-1.5.0.13.0-1jpp.1.el5
  java-1.5.0-ibm-1.5.0.13.0-1jpp.1.el6

RHEL 4E, 5S, 6S: new java-1.6.0-ibm packages.
New packages are available:
  java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el4
  java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el5
  java-1.6.0-ibm-1.6.0.10.0-1jpp.2.el6

RHEL 4E, 5S, 6S: new java-1.6.0-sun packages.
New packages are available:
  java-1.6.0-sun-1.6.0.29-1jpp.1.el4
  java-1.6.0-sun-1.6.0.29-1jpp.1.el5
  java-1.6.0-sun-1.6.0.29-1jpp.1.el6

RHEL 4: new java-1.4.2-ibm packages.
New packages are available:
  java-1.4.2-ibm-1.4.2.13.11-1jpp.1.el4

RHEL 5, 6: new java-1.6.0-openjdk packages.
New packages are available:
  java-1.6.0-openjdk-1.6.0.0-1.23.1.9.10.el5_7
  java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1

RHEL SAP: new java-1.4.2-ibm-sap packages.
New packages are available:
  RHEL 4 AS for SAP:
    java-1.4.2-ibm-sap-1.4.2.13.11.sap-1jpp.1.el4
  RHEL 5 Server for SAP:
    java-1.4.2-ibm-sap-1.4.2.13.11.sap-1jpp.1.el5
  Red Hat Enterprise Linux SAP v. 6:
    java-1.4.2-ibm-sap-1.4.2.13.11.sap-1jpp.1.el6

SUSE LE 10: new java-1_5_0-ibm packages.
New packages are available:
  java-1_5_0-ibm-1.5.0_sr13.0-0.5.1

SUSE LE 15: new python3 packages (16/01/2020).
New packages are available:
  SUSE LE 15 RTM: python3 3.6.10-3.42.2
  SUSE LE 15 SP1: python3 3.6.10-3.42.2

SUSE LE 15: new python packages (27/01/2020).
New packages are available:
  SUSE LE 15 RTM: python 2.7.17-7.32.2
  SUSE LE 15 SP1: python 2.7.17-7.32.2

SUSE LE: new java-1_4_2-ibm packages.
New packages are available:
  SUSE LE 10 : java-1_4_2-ibm-1.4.2_sr13.11-0.10.1
  SUSE LE 11 : java-1_4_2-ibm-1.4.2_sr13.11-0.5.1

SUSE LE: new java-1_6_0-ibm packages.
New packages are available:
  SUSE LE 10 : java-1_6_0-ibm-1.6.0_sr10.0-0.8.1
  SUSE LE 11 : java-1_6_0-ibm-1.6.0_sr10.0-0.3.1

VMware ESX 3.5: patch ESX350-201203401-SG.
A patch is available:
  ESX350-201203401-SG
  http://downloads.vmware.com/go/selfsupport-download
  http://kb.vmware.com/kb/2009155

VMware ESX 4.0: patch ESX400-201209001.
A patch is available:
  ESX400-201209001
  http://kb.vmware.com/kb/2019661

VMware vCenter Server: version 4.0 Update 4a.
Version 4.0 Update 4a contains the fix:
  http://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/4_0
  https://www.vmware.com/support/vsphere4/doc/vsp_vc40_u4a_rel_notes.html

VMware Virtual Center 2.5: Update 6b.
The Update 6b is available:
  http://www.vmware.com/download/download.do?downloadGroup=VC250U6B
