Solution
Please Install the Updated Packages.
Insight
Multiple security issues were identified and fixed in OpenJDK (icedtea6):
Fix issues in java sound (CVE-2011-3563).
Fix in AtomicReferenceArray (CVE-2011-3571).
Add property to limit number of request headers to the HTTP Server (CVE-2011-5035).
Incorect checking for graphics rendering object (CVE-2012-0497).
Multiple unspecified vulnerabilities allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors (CVE-2012-0498. CVE-2012-0499, CVE-2012-0500).
Better input parameter checking in zip file processing (CVE-2012-0501).
Issues with some KeyboardFocusManager method (CVE-2012-0502).
Issues with TimeZone class (CVE-2012-0503).
Enhance exception throwing mechanism in ObjectStreamClass (CVE-2012-0505).
Issues with some method in corba (CVE-2012-0506).
The updated packages provides icedtea6-1.10.6 which is not vulnerable to these issues.
Affected
java-1.6.0-openjdk on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2,
Mandriva Linux 2010.1
Severity
Classification
-
CVE CVE-2011-3563, CVE-2011-3571, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities