Updated java-1.7.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7.

Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section.
(CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494)

Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file.

All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 95 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.

An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code.
An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2016-0483)

An integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2016-0494)

It was discovered that the password-based encryption (PBE) implementation in the Libraries component in OpenJDK used an incorrect key length. This could, in certain cases, lead to generation of keys that were weaker than expected. (CVE-2016-0475)

It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory.
(CVE-2016-0466)

A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)

Multiple flaws were discovered in the Networking and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448)

Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.

Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file.

All running instances of OpenJDK Java must be restarted for the update to take effect.

java-1_7_0-openjdk was updated to version 7u95 to fix 9 security issues. (bsc#962743)

  - CVE-2015-4871: Rebinding of the receiver of a     DirectMethodHandle may allow a protected method to be     accessed

  - CVE-2015-7575: Further reduce use of MD5 (SLOTH)     (bsc#960996)

  - CVE-2015-8126: Vulnerability in the AWT component     related to splashscreen displays

  - CVE-2015-8472: Vulnerability in the AWT component,     addressed by same fix

  - CVE-2016-0402: Vulnerability in the Networking component     related to URL processing

  - CVE-2016-0448: Vulnerability in the JMX comonent related     to attribute processing

  - CVE-2016-0466: Vulnerability in the JAXP component,     related to limits

  - CVE-2016-0483: Vulnerability in the AWT component     related to image decoding

  - CVE-2016-0494: Vulnerability in 2D component related to     font actions

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code.
An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2016-0483)

An integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2016-0494)

It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory.
(CVE-2016-0466)

A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)

Multiple flaws were discovered in the Libraries, Networking, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions.
(CVE-2015-4871 , CVE-2016-0402 , CVE-2016-0448)

Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file.

An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code.
An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2016-0483)

A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)

Integer signedness issues were discovered in IndicRearrangementProcessor and IndicRearrangementProcessor2 in the ICU Layout Engine. A specially crafted font file could cause an application using ICU to parse untrusted fonts to crash and, possibly, execute arbitrary code. (CVE-2016-0494)

It was discovered that the password-based encryption (PBE) implementation in the Libraries component in OpenJDK used an incorrect key length. This could, in certain cases, lead to generation of keys that were weaker than expected. (CVE-2016-0475)

A flaw was found in the deserialization of the URL class in the Networking component of OpenJDK. Deserialization of the specially crafted data could result in creation of the URL object with an inconsistent state. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-0402)

It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory.
(CVE-2016-0466)

It was discovered that the RMIConnector and RMIConnectionImpl classes in the JMX component of OpenJDK could log sensitive information such as user passwords in its debug log, possibly leading the exposure of the information. (CVE-2016-0448)

The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities in the following components :

  - 2D
  - AWT
  - IBM J9 JVM
  - JAXP
  - JMX
  - Libraries
  - Networking
  - Security

This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937)

  - CVE-2015-5041: Could could have invoked non-public     interface methods under certain circumstances

  - CVE-2015-7575: The TLS protocol could allow weaker than     expected security caused by a collision attack when     using the MD5 hash function for signing a     ServerKeyExchange message during a TLS handshake. An     attacker could exploit this vulnerability using     man-in-the-middle techniques to impersonate a TLS server     and obtain credentials

  - CVE-2015-7981: libpng could allow a remote attacker to     obtain sensitive information, caused by an out-of-bounds     read in the png_convert_to_rfc1123 function. An attacker     could exploit this vulnerability to obtain sensitive     information

  - CVE-2015-8126: buffer overflow in libpng caused by     improper bounds checking by the png_set_PLTE() and     png_get_PLTE() functions

  - CVE-2015-8472: buffer overflow in libpng caused by     improper bounds checking by the png_set_PLTE() and     png_get_PLTE() functions

  - CVE-2015-8540: libpng is vulnerable to a buffer     overflow, caused by a read underflow in     png_check_keyword in pngwutil.c. By sending an overly     long argument, a remote attacker could overflow a buffer     and execute arbitrary code on the system or cause the     application to crash.

  - CVE-2016-0402: An unspecified vulnerability related to     the Networking component has no confidentiality impact,     partial integrity impact, and no availability impact

  - CVE-2016-0448: An unspecified vulnerability related to     the JMX component could allow a remote attacker to     obtain sensitive information

  - CVE-2016-0466: An unspecified vulnerability related to     the JAXP component could allow a remote attacker to     cause a denial of service

  - CVE-2016-0483: An unspecified vulnerability related to     the AWT component has complete confidentiality impact,     complete integrity impact, and complete availability     impact

  - CVE-2016-0494: An unspecified vulnerability related to     the 2D component has complete confidentiality impact,     complete integrity impact, and complete availability     impact

The following bugs were fixed :

  - bsc#960402: resolve package conflicts in devel package

  - bsc#960286: resolve package conflicts in the fonts     subpackage

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, information disclosure, denial of service and insecure cryptography.

java-1_8_0-openjdk was updated to version 7u95 to fix several security issues. (bsc#962743)

The following vulnerabilities were fixed :

  - CVE-2015-7575: Further reduce use of MD5 (SLOTH)     (bsc#960996)

  - CVE-2015-8126: Vulnerability in the AWT component     related to splashscreen displays

  - CVE-2015-8472: Vulnerability in the AWT component,     addressed by same fix

  - CVE-2016-0402: Vulnerability in the Networking component     related to URL processing

  - CVE-2016-0448: Vulnerability in the JMX comonent related     to attribute processing

  - CVE-2016-0466: Vulnerability in the JAXP component,     related to limits

  - CVE-2016-0483: Vulnerability in the AWT component     related to image decoding

  - CVE-2016-0494: Vulnerability in 2D component related to     font actions

Includes the following fixes from the October 2015 update:
(bsc#951376)

  - CVE-2015-4734: A remote user can exploit a flaw in the     Embedded JGSS component to partially access data

  - CVE-2015-4803: A remote user can exploit a flaw in the     JRockit JAXP component to cause partial denial of     service conditions

  - CVE-2015-4805: A remote user can exploit a flaw in the     Embedded Serialization component to gain elevated     privileges

  - CVE-2015-4806: A remote user can exploit a flaw in the     Java SE Embedded Libraries component to partially access     and partially modify data

  - CVE-2015-4835: A remote user can exploit a flaw in the     Embedded CORBA component to gain elevated privileges

  - CVE-2015-4842: A remote user can exploit a flaw in the     Embedded JAXP component to partially access data

  - CVE-2015-4843: A remote user can exploit a flaw in the     Java SE Embedded Libraries component to gain elevated     privileges

  - CVE-2015-4844: A remote user can exploit a flaw in the     Embedded 2D component to gain elevated privileges

  - CVE-2015-4860: A remote user can exploit a flaw in the     Embedded RMI component to gain elevated privileges

  - CVE-2015-4872: A remote user can exploit a flaw in the     JRockit Security component to partially modify data [].

  - CVE-2015-4881: A remote user can exploit a flaw in the     Embedded CORBA component to gain elevated privileges

  - CVE-2015-4882: A remote user can exploit a flaw in the     Embedded CORBA component to cause partial denial of     service conditions

  - CVE-2015-4883: A remote user can exploit a flaw in the     Embedded RMI component to gain elevated privileges

  - CVE-2015-4893: A remote user can exploit a flaw in the     JRockit JAXP component to cause partial denial of     service conditions

  - CVE-2015-4902: A remote user can exploit a flaw in the     Java SE Deployment component to partially modify data

  - CVE-2015-4903: A remote user can exploit a flaw in the     Embedded RMI component to partially access data

  - CVE-2015-4911: A remote user can exploit a flaw in the     JRockit JAXP component to cause partial denial of     service conditions

  - CVE-2015-4810: A local user can exploit a flaw in the     Java SE Deployment component to gain elevated privileges

  - CVE-2015-4840: A remote user can exploit a flaw in the     Embedded 2D component to partially access data

  - CVE-2015-4868: A remote user can exploit a flaw in the     Java SE Embedded Libraries component to gain elevated     privileges

  - CVE-2015-4901: A remote user can exploit a flaw in the     JavaFX component to gain elevated privileges

  - CVE-2015-4906: A remote user can exploit a flaw in the     JavaFX component to partially access data

  - CVE-2015-4908: A remote user can exploit a flaw in the     JavaFX component to partially access data

  - CVE-2015-4916: A remote user can exploit a flaw in the     JavaFX component to partially access data

The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 71, 7 Update 95, or 6 Update 111. It is, therefore, affected by security vulnerabilities in the following components :

 - 2D
 - AWT
 - JAXP
 - JMX
 - Libraries
 - Networking
 - Security

ID	Name	Product	Family	Published	Updated	Severity
88075	RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:0056) (SLOTH)	Nessus	Red Hat Local Security Checks	1/22/2016	10/24/2019	high
88078	Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20160120) (SLOTH)	Nessus	Scientific Linux Local Security Checks	1/22/2016	1/14/2021	medium
88486	SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0269-1) (SLOTH)	Nessus	SuSE Local Security Checks	1/29/2016	1/6/2021	high
88655	Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-643) (SLOTH)	Nessus	Amazon Linux Local Security Checks	2/10/2016	4/18/2018	medium
88659	Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-647) (SLOTH)	Nessus	Amazon Linux Local Security Checks	2/10/2016	4/18/2018	medium
89053	AIX Java Advisory : java_jan2016_advisory.asc (January 2016 CPU) (SLOTH)	Nessus	AIX Local Security Checks	3/1/2016	4/21/2023	critical
89961	SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0770-1) (SLOTH)	Nessus	SuSE Local Security Checks	3/16/2016	1/19/2021	critical
88568	Debian DSA-3465-1 : openjdk-6 - security update (SLOTH)	Nessus	Debian Local Security Checks	2/4/2016	1/11/2021	medium
88537	openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-106) (SLOTH)	Nessus	SuSE Local Security Checks	2/3/2016	3/8/2022	high
700654	Oracle Java SE 6 < Update 111 / 7 < Update 95 / 8 < Update 71 Multiple Vulnerabilities (January 2016 CPU) (SLOTH)	Nessus Network Monitor	Web Clients	5/2/2019	5/17/2019	critical

Detections

Analytics

Plugins Search

high

medium

high

medium

medium

critical

critical

medium

high

critical