Debian Security Advisory DSA 2987-1 (openjdk-7 - Security Update) Network Vulnerability

Summary

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.

Solution

For the stable distribution (wheezy), these problems have been fixed in version 7u65-2.5.1-2~deb7u1. For the unstable distribution (sid), these problems have been fixed in version 7u65-2.5.1-1. We recommend that you upgrade your openjdk-7 packages.

Insight

OpenJDK is a development environment for building applications, applets, and components using the Java programming language.

Affected

openjdk-7 on Debian Linux

Detection

This check tests the installed software version using the apt package manager.

References

http://www.debian.org/security/2014/dsa-2987.html

Updated on 2015-03-25

Severity

Classification

CVE	CVE-2014-2483, CVE-2014-2490, CVE-2014-4209, CVE-2014-4216, CVE-2014-4218, CVE-2014-4219, CVE-2014-4221, CVE-2014-4223, CVE-2014-4244, CVE-2014-4252, CVE-2014-4262, CVE-2014-4263, CVE-2014-4264, CVE-2014-4266, CVE-2014-4268

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 2987-1 (openjdk-7 - security update)

Take action and discover your vulnerabilities