Detections
Analytics
SuSE 11.2 Security Update : IBM Java 1.6.0 (SAT Patch Number 7095)
critical Nessus Plugin ID 64166
Language:
Synopsis
The remote SuSE 11 host is missing one or more security updates.Description
IBM Java 1.6.0 has been updated to SR12 which fixes bugs and security issues.More information can be found on :
http://www.ibm.com/developerworks/java/jdk/alerts/
CVEs fixed: CVE-2012-3159 / CVE-2012-3216 / CVE-2012-5068 / CVE-2012-3143 / CVE-2012-5073 / CVE-2012-5075 / CVE-2012-5083 / CVE-2012-5083 / CVE-2012-5072 / CVE-2012-1531 / CVE-2012-5081 / CVE-2012-1532 / CVE-2012-1533 / CVE-2012-5069 / CVE-2012-5071 / CVE-2012-5084 / CVE-2012-5079 / CVE-2012-5089
Solution
Apply SAT patch number 7095.See Also
https://bugzilla.novell.com/show_bug.cgi?id=785631
https://bugzilla.novell.com/show_bug.cgi?id=788750
http://support.novell.com/security/cve/CVE-2012-1531.html
http://support.novell.com/security/cve/CVE-2012-1532.html
http://support.novell.com/security/cve/CVE-2012-1533.html
http://support.novell.com/security/cve/CVE-2012-3143.html
http://support.novell.com/security/cve/CVE-2012-3159.html
http://support.novell.com/security/cve/CVE-2012-3216.html
http://support.novell.com/security/cve/CVE-2012-5068.html
http://support.novell.com/security/cve/CVE-2012-5069.html
http://support.novell.com/security/cve/CVE-2012-5071.html
http://support.novell.com/security/cve/CVE-2012-5072.html
http://support.novell.com/security/cve/CVE-2012-5073.html
http://support.novell.com/security/cve/CVE-2012-5075.html
http://support.novell.com/security/cve/CVE-2012-5079.html
http://support.novell.com/security/cve/CVE-2012-5081.html
http://support.novell.com/security/cve/CVE-2012-5083.html
Plugin Details
Severity: Critical
ID: 64166
File Name: suse_11_java-1_6_0-ibm-121126.nasl
Version: 1.12
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 1/25/2013
Updated: 1/19/2021
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.0
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-jdbc, p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm, p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-plugin, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-fonts, p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-alsa
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 11/26/2012
Exploitable With
Metasploit (Sun Java Web Start Double Quote Injection)
Reference Information
CVE: CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089