Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2016.0428.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2016:0428-1)
Summary:The remote host is missing an update for the 'java-1_6_0-ibm' package(s) announced via the SUSE-SU-2016:0428-1 advisory.
Description:Summary:
The remote host is missing an update for the 'java-1_6_0-ibm' package(s) announced via the SUSE-SU-2016:0428-1 advisory.

Vulnerability Insight:
This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)
- CVE-2015-5041: Could could have invoked non-public interface methods
under certain circumstances
- CVE-2015-7575: The TLS protocol could allow weaker than expected
security caused by a collision attack when using the MD5 hash function
for signing a ServerKeyExchange message during a TLS handshake. An
attacker could exploit this vulnerability using man-in-the-middle
techniques to impersonate a TLS server and obtain credentials
- CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive
information, caused by an out-of-bounds read in the
png_convert_to_rfc1123 function. An attacker could exploit this
vulnerability to obtain sensitive information
- CVE-2015-8126: buffer overflow in libpng caused by improper bounds
checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8472: buffer overflow in libpng caused by improper bounds
checking by the png_set_PLTE() and png_get_PLTE() functions
- CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a
read underflow in png_check_keyword in pngwutil.c. By sending an overly
long argument, a remote attacker could overflow a buffer and execute
arbitrary code on the system or cause the application to crash.
- CVE-2016-0402: An unspecified vulnerability related to the Networking
component has no confidentiality impact, partial integrity impact, and
no availability impact
- CVE-2016-0448: An unspecified vulnerability related to the JMX component
could allow a remote attacker to obtain sensitive information
- CVE-2016-0466: An unspecified vulnerability related to the JAXP
component could allow a remote attacker to cause a denial of service
- CVE-2016-0483: An unspecified vulnerability related to the AWT component
has complete confidentiality impact, complete integrity impact, and
complete availability impact
- CVE-2016-0494: An unspecified vulnerability related to the 2D component
has complete confidentiality impact, complete integrity impact, and
complete availability impact The following bugs were fixed:
- bsc#960402: resolve package conflicts in devel package
- bsc#960286: resolve package conflicts in the fonts subpackage

Affected Software/OS:
'java-1_6_0-ibm' package(s) on SUSE Linux Enterprise Module for Legacy Software 12

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-5041
AIX APAR: IV72872
http://www-01.ibm.com/support/docview.wss?uid=swg1IV72872
BugTraq ID: 82451
http://www.securityfocus.com/bid/82451
RedHat Security Advisories: RHSA-2016:1430
https://access.redhat.com/errata/RHSA-2016:1430
SuSE Security Announcement: SUSE-SU-2016:0399 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00026.html
SuSE Security Announcement: SUSE-SU-2016:0401 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00028.html
SuSE Security Announcement: SUSE-SU-2016:0428 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00031.html
SuSE Security Announcement: SUSE-SU-2016:0431 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00032.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7575
BugTraq ID: 79684
http://www.securityfocus.com/bid/79684
BugTraq ID: 91787
http://www.securityfocus.com/bid/91787
Debian Security Information: DSA-3436 (Google Search)
http://www.debian.org/security/2016/dsa-3436
Debian Security Information: DSA-3437 (Google Search)
http://www.debian.org/security/2016/dsa-3437
Debian Security Information: DSA-3457 (Google Search)
http://www.debian.org/security/2016/dsa-3457
Debian Security Information: DSA-3458 (Google Search)
http://www.debian.org/security/2016/dsa-3458
Debian Security Information: DSA-3465 (Google Search)
http://www.debian.org/security/2016/dsa-3465
Debian Security Information: DSA-3491 (Google Search)
http://www.debian.org/security/2016/dsa-3491
Debian Security Information: DSA-3688 (Google Search)
http://www.debian.org/security/2016/dsa-3688
https://security.gentoo.org/glsa/201701-46
https://security.gentoo.org/glsa/201706-18
https://security.gentoo.org/glsa/201801-15
RedHat Security Advisories: RHSA-2016:0049
http://rhn.redhat.com/errata/RHSA-2016-0049.html
RedHat Security Advisories: RHSA-2016:0050
http://rhn.redhat.com/errata/RHSA-2016-0050.html
RedHat Security Advisories: RHSA-2016:0053
http://rhn.redhat.com/errata/RHSA-2016-0053.html
RedHat Security Advisories: RHSA-2016:0054
http://rhn.redhat.com/errata/RHSA-2016-0054.html
RedHat Security Advisories: RHSA-2016:0055
http://rhn.redhat.com/errata/RHSA-2016-0055.html
RedHat Security Advisories: RHSA-2016:0056
http://rhn.redhat.com/errata/RHSA-2016-0056.html
http://www.securitytracker.com/id/1034541
http://www.securitytracker.com/id/1036467
SuSE Security Announcement: SUSE-SU-2016:0256 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
SuSE Security Announcement: SUSE-SU-2016:0265 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
SuSE Security Announcement: SUSE-SU-2016:0269 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
SuSE Security Announcement: openSUSE-SU-2015:2405 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html
SuSE Security Announcement: openSUSE-SU-2016:0007 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html
SuSE Security Announcement: openSUSE-SU-2016:0161 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html
SuSE Security Announcement: openSUSE-SU-2016:0162 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html
SuSE Security Announcement: openSUSE-SU-2016:0263 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
SuSE Security Announcement: openSUSE-SU-2016:0268 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
SuSE Security Announcement: openSUSE-SU-2016:0270 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
SuSE Security Announcement: openSUSE-SU-2016:0272 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
SuSE Security Announcement: openSUSE-SU-2016:0279 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
SuSE Security Announcement: openSUSE-SU-2016:0307 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html
SuSE Security Announcement: openSUSE-SU-2016:0308 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html
SuSE Security Announcement: openSUSE-SU-2016:0488 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
SuSE Security Announcement: openSUSE-SU-2016:0605 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html
http://www.ubuntu.com/usn/USN-2863-1
http://www.ubuntu.com/usn/USN-2864-1
http://www.ubuntu.com/usn/USN-2865-1
http://www.ubuntu.com/usn/USN-2866-1
http://www.ubuntu.com/usn/USN-2884-1
http://www.ubuntu.com/usn/USN-2904-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7981
BugTraq ID: 77304
http://www.securityfocus.com/bid/77304
Debian Security Information: DSA-3399 (Google Search)
http://www.debian.org/security/2015/dsa-3399
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html
https://security.gentoo.org/glsa/201611-08
http://www.openwall.com/lists/oss-security/2015/10/26/1
http://www.openwall.com/lists/oss-security/2015/10/26/3
RedHat Security Advisories: RHSA-2015:2594
http://rhn.redhat.com/errata/RHSA-2015-2594.html
RedHat Security Advisories: RHSA-2015:2595
http://rhn.redhat.com/errata/RHSA-2015-2595.html
http://www.securitytracker.com/id/1034393
SuSE Security Announcement: openSUSE-SU-2015:2099 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html
SuSE Security Announcement: openSUSE-SU-2015:2136 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html
http://www.ubuntu.com/usn/USN-2815-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-8126
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
BugTraq ID: 77568
http://www.securityfocus.com/bid/77568
Debian Security Information: DSA-3507 (Google Search)
http://www.debian.org/security/2016/dsa-3507
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html
https://security.gentoo.org/glsa/201603-09
http://www.openwall.com/lists/oss-security/2015/11/12/2
RedHat Security Advisories: RHSA-2015:2596
http://rhn.redhat.com/errata/RHSA-2015-2596.html
RedHat Security Advisories: RHSA-2016:0057
http://rhn.redhat.com/errata/RHSA-2016-0057.html
http://www.securitytracker.com/id/1034142
SuSE Security Announcement: SUSE-SU-2016:0665 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html
SuSE Security Announcement: openSUSE-SU-2015:2100 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html
SuSE Security Announcement: openSUSE-SU-2015:2135 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html
SuSE Security Announcement: openSUSE-SU-2015:2262 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html
SuSE Security Announcement: openSUSE-SU-2015:2263 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html
SuSE Security Announcement: openSUSE-SU-2016:0103 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html
SuSE Security Announcement: openSUSE-SU-2016:0104 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html
SuSE Security Announcement: openSUSE-SU-2016:0105 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html
SuSE Security Announcement: openSUSE-SU-2016:0664 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html
SuSE Security Announcement: openSUSE-SU-2016:0684 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html
SuSE Security Announcement: openSUSE-SU-2016:0729 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8472
BugTraq ID: 78624
http://www.securityfocus.com/bid/78624
Debian Security Information: DSA-3443 (Google Search)
http://www.debian.org/security/2016/dsa-3443
http://www.openwall.com/lists/oss-security/2015/12/03/6
Common Vulnerability Exposure (CVE) ID: CVE-2015-8540
BugTraq ID: 80592
http://www.securityfocus.com/bid/80592
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
http://www.openwall.com/lists/oss-security/2015/12/10/6
http://www.openwall.com/lists/oss-security/2015/12/10/7
http://www.openwall.com/lists/oss-security/2015/12/11/1
http://www.openwall.com/lists/oss-security/2015/12/11/2
http://www.openwall.com/lists/oss-security/2015/12/17/10
Common Vulnerability Exposure (CVE) ID: CVE-2016-0402
BugTraq ID: 81096
http://www.securityfocus.com/bid/81096
https://security.gentoo.org/glsa/201603-14
https://security.gentoo.org/glsa/201610-08
RedHat Security Advisories: RHSA-2016:0067
http://rhn.redhat.com/errata/RHSA-2016-0067.html
http://www.securitytracker.com/id/1034715
http://www.ubuntu.com/usn/USN-2885-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-0448
BugTraq ID: 81123
http://www.securityfocus.com/bid/81123
Common Vulnerability Exposure (CVE) ID: CVE-2016-0466
BugTraq ID: 81118
http://www.securityfocus.com/bid/81118
Common Vulnerability Exposure (CVE) ID: CVE-2016-0483
http://www.zerodayinitiative.com/advisories/ZDI-16-032
Common Vulnerability Exposure (CVE) ID: CVE-2016-0494
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.