Oval Definition:oval:org.cisecurity:def:1524
Revision Date:2017-01-06Version:8
Title:HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access
Description:Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2014-0416
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • platforms
  • HP-UX B.11.23
  • OR HP-UX B.11.31
  • AND filesets test
  • Jdk70.JDK70-COM version is less than 1.7.0.09.00
  • OR Jdk70.JDK70-DEMO version is less than 1.7.0.09.00
  • OR Jdk70.JDK70-IPF32 version is less than 1.7.0.09.00
  • OR Jdk70.JDK70-IPF64 version is less than 1.7.0.09.00
  • OR Jre70.JRE70-COM version is less than 1.7.0.09.00
  • OR Jre70.JRE70-IPF32 version is less than 1.7.0.09.00
  • OR Jre70.JRE70-IPF32-HS version is less than 1.7.0.09.00
  • OR Jre70.JRE70-IPF64 version is less than 1.7.0.09.00
  • OR Jre70.JRE70-IPF64-HS version is less than 1.7.0.09.00
  • BACK