Debian Security Advisory DSA 3144-1 (openjdk-7 - Security Update) Network Vulnerability

Summary

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.

Solution

For the stable distribution (wheezy), these problems have been fixed in version 7u75-2.5.4-1~deb7u1. For the upcoming stable distribution (jessie), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 7u75-2.5.4-1. We recommend that you upgrade your openjdk-7 packages.

Insight

OpenJDK is a development environment for building applications, applets, and components using the Java programming language.

Affected

openjdk-7 on Debian Linux

Detection

This check tests the installed software version using the apt package manager.

References

http://www.debian.org/security/2015/dsa-3144.html

Updated on 2015-03-25

Severity

Classification

CVE	CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 3144-1 (openjdk-7 - security update)

Take action and discover your vulnerabilities