You are here

V-051: Oracle Solaris Java Multiple Vulnerabilities

December 20, 2012 - 12:15am

Addthis

PROBLEM:

Oracle Solaris Java Multiple Vulnerabilities

PLATFORM:

Oracle Solaris 11.x

ABSTRACT:

Oracle has acknowledged multiple vulnerabilities in Java included in Solaris

REFERENCE LINKS:

Secunia Advisory:  SA51618
Secunia Advisory:  SA50949 
Third Party Vulnerability Resolution Blog in Java 7U9
Third Party Vulnerability Resolution Blog in Java 6U37
CVE-2012-1531
CVE-2012-1532
CVE-2012-1533
CVE-2012-3143
CVE-2012-3159
CVE-2012-3216
CVE-2012-4416
CVE-2012-5067
CVE-2012-5068
CVE-2012-5069
CVE-2012-5070
CVE-2012-5071
CVE-2012-5072
CVE-2012-5073
CVE-2012-5074
CVE-2012-5075
CVE-2012-5076
CVE-2012-5077
CVE-2012-5079
CVE-2012-5081
CVE-2012-5083
CVE-2012-5084
CVE-2012-5085
CVE-2012-5087
CVE-2012-5088
CVE-2012-5089

IMPACT ASSESSMENT:

High

DISCUSSION:

Oracle has acknowledged multiple vulnerabilities in Java included in Solaris, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

IMPACT:

A remote user can take full control of the target system.

A remote user can access and modify data on the target system.

A remote user can cause partial denial of service conditions on the target system.

SOLUTION:

Update to Solaris 11.1 10/12 SRU 2.5 

Addthis