RHSA-2015:0808 -- java-1.6.0-openjdk security update (Important)

oval:org.mitre.oval:def:29140

The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469)

Family: unix
Status: ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 6
  • CentOS Linux 5
  • CentOS Linux 7
  • Red Hat Enterprise Linux 5
  • CentOS Linux 6
Class: patch
Reference(s):
  • RHSA-2015:0808
  • CESA-2015:0808-CentOS 7
  • CESA-2015:0808-CentOS 6
  • CESA-2015:0808-CentOS 5
  • CVE-2005-1080
  • CVE-2015-0460
  • CVE-2015-0469
  • CVE-2015-0477
  • CVE-2015-0478
  • CVE-2015-0480
  • CVE-2015-0488
Product(s):
  • java-1.6.0-openjdk