Red Hat Security Advisory: java-1.6.0-sun security update
🔗 CVE IDs covered (26)
📋 Description
CVE-2009-3555 — TLS: MITM attacks via session renegotiation CVE-2010-0082 — OpenJDK Loader-constraint table allows arrays instead of only the base-classes (6626217) CVE-2010-0084 — OpenJDK Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) CVE-2010-0085 — OpenJDK File TOCTOU deserialization vulnerability (6736390) CVE-2010-0087 — JDK unspecified vulnerability in JWS/Plugin component CVE-2010-0088 — OpenJDK Inflater/Deflater clone issues (6745393) CVE-2010-0089 — JDK unspecified vulnerability in JavaWS/Plugin component CVE-2010-0090 — JDK unspecified vulnerability in JavaWS/Plugin component CVE-2010-0091 — OpenJDK Unsigned applet can retrieve the dragged information before drop action occurs(6887703) CVE-2010-0092 — OpenJDK AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149) CVE-2010-0093 — OpenJDK System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265) CVE-2010-0094 — OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947) CVE-2010-0095 — OpenJDK Subclasses of InetAddress may incorrectly interpret network addresses (6893954) CVE-2010-0837 — OpenJDK JAR "unpack200" must verify input parameters (6902299) CVE-2010-0838 — OpenJDK CMM readMabCurveData Buffer Overflow Vulnerability (6899653) CVE-2010-0839 — JDK multiple unspecified vulnerabilities CVE-2010-0840 — OpenJDK Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691) CVE-2010-0841 — OpenJDK JPEGImageReader stepX Integer Overflow Vulnerability (6909597) CVE-2010-0842 — JDK multiple unspecified vulnerabilities CVE-2010-0843 — JDK multiple unspecified vulnerabilities CVE-2010-0844 — JDK multiple unspecified vulnerabilities CVE-2010-0845 — OpenJDK No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807) CVE-2010-0846 — JDK unspecified vulnerability in ImageIO component CVE-2010-0847 — OpenJDK ImagingLib arbitrary code execution vulnerability (6914866) CVE-2010-0848 — OpenJDK AWT Library Invalid Index Vulnerability (6914823) CVE-2010-0849 — JDK unspecified vulnerability in Java2D component
🔗 References (28)
- selfhttps://access.redhat.com/errata/RHSA-2010:0337
- externalhttps://access.redhat.com/security/updates/classification/#critical
- externalhttp://kbase.redhat.com/faq/docs/DOC-20491
- externalhttp://www.oracle.com/technology/deploy/security/critical-patch-updates/javacpumar2010.html
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=533125
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575736
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575740
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575747
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575755
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575756
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575760
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575764
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575769
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575772
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575775
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575808
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575818
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575846
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575854
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575865
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=575871
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=578430
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=578432
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=578433
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=578436
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=578437
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=578440
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0337.json