Bug 711677 (CVE-2011-0802, CVE-2011-0814)
Summary: | CVE-2011-0802 CVE-2011-0814 Oracle/IBM JDK: unspecified vulnerabilities fixed in 6u26 (Sound) | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | unspecified | CC: | ahughes, aph, dbhole, jvanek, mjc |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
URL: | http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-06-04 12:49:29 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 711408, 711409, 711410, 720963, 720964, 720965, 723824, 723825, 723826, 729588, 729589, 729907, 729908, 729909 | ||
Bug Blocks: |
Description
Tomas Hoger
2011-06-08 07:03:24 UTC
This issue has been addressed in following products: Extras for RHEL 4 Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2011:0860 https://rhn.redhat.com/errata/RHSA-2011-0860.html ZDI has published an advisory for CVE-2011-0802: Oracle Java Soundbank Decompression Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-199/ According to ZDI advisory, it is and integer overflow flaw, leading to a heap-based buffer overflow. Soundbank file parsing code is affected. This issue has been addressed in following products: Extras for RHEL 4 Supplementary for Red Hat Enterprise Linux 5 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2011:0938 https://rhn.redhat.com/errata/RHSA-2011-0938.html This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 6 Extras for RHEL 4 Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2011:1087 https://rhn.redhat.com/errata/RHSA-2011-1087.html This issue has been addressed in following products: Supplementary for Red Hat Enterprise Linux 5 Extras for RHEL 4 Via RHSA-2011:1159 https://rhn.redhat.com/errata/RHSA-2011-1159.html This issue has been addressed in following products: RHEL 4 for SAP RHEL 5 for SAP RHEL 6 for SAP Via RHSA-2011:1265 https://rhn.redhat.com/errata/RHSA-2011-1265.html This issue has been addressed in following products: Red Hat Network Satellite Server v 5.4 Via RHSA-2013:1455 https://rhn.redhat.com/errata/RHSA-2013-1455.html |