Debian Security Advisory DSA 3147-1 (openjdk-6 - Security Update) Network Vulnerability

Summary

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.

Solution

For the stable distribution (wheezy), these problems have been fixed in version 6b34-1.13.6-1~deb7u1. We recommend that you upgrade your openjdk-6 packages.

Insight

OpenJDK is a development environment for building applications, applets, and components using the Java programming language.

Affected

openjdk-6 on Debian Linux

Detection

This check tests the installed software version using the apt package manager.

References

http://www.debian.org/security/2015/dsa-3147.html

Updated on 2015-03-25

Severity

Classification

CVE	CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 082-1 (xvt)
Debian Security Advisory DSA 003-1 (joe)
Debian Security Advisory DSA 008-1 (dialog)
Debian Security Advisory DSA 095-1 (gpm)
Debian Security Advisory DSA 085-1 (nvi, nvi-m17n)

Debian Security Advisory DSA 3147-1 (openjdk-6 - security update)

Take action and discover your vulnerabilities