Red Hat Enterprise Linux Extras, RHEL Supplementary

ソフト名：Red Hat Enterprise Linux Extras v. 4, RHEL Supplementary (v. 5 server)/Desktop Supplementary (v. 5 client)

回避策：RHSA-2011:1159-1にて対応

脆弱性：データ操作, 機密情報の奪取, DoS攻撃, システムアクセス, 無限ループ, 整数オーバーフローエラー, メモリ破壊, リモートコード実行, 解放後使用エラー, リモートコマンド実行

ソース：

http://www.redhat.com/

https://rhn.redhat.com/errata/RHSA-2011-1159.html

http://secunia.com/advisories/43295/

http://secunia.com/advisories/45206/

http://secunia.com/advisories/45630/

http://dvw-j.blogspot.com/2011/02/sun-java-ibm-java-ibm-websphere.html

http://dvw-j.blogspot.com/2011/07/ibm-java.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0311

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871

CVE：CVE-2011-0311, CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0865, CVE-2011-0867, CVE-2011-0871

危険性：High Risk

Red Hat Enterprise Linux Extras, RHEL Desktop Supplementary

ソフト名：Red Hat Enterprise Linux Extras v. 4, RHEL Desktop Supplementary (v. 5 client)/Supplementary (v. 5 server)/Desktop Supplementary (v. 6)/HPC Node Supplementary (v. 6)/Server Supplementary (v. 6)/Workstation Supplementary (v. 6) (IBM Java 6.x)

回避策：RHSA-2011:1087-1にて対応

脆弱性：データ操作, 機密情報の奪取, システムアクセス, DoS攻撃, 整数オーバーフローエラー, メモリ破壊, リモートコード実行, 解放後使用エラー, リモートコマンド実行

ソース：

http://www.redhat.com/

https://rhn.redhat.com/errata/RHSA-2011-1087.html

http://secunia.com/advisories/45206/

http://secunia.com/advisories/45402/

http://dvw-j.blogspot.com/2011/07/ibm-java.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873

CVE：CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0865, CVE-2011-0867, CVE-2011-0871, CVE-2011-0873

危険性：High Risk

Red Hat Enterprise Linux Extras

ソフト名：Red Hat Enterprise Linux Extras v. 4/Desktop Supplementary (v. 5 client)/Supplementary (v. 5 server)/Desktop Supplementary (v. 6)/HPC Node Supplementary (v. 6)/Server Supplementary (v. 6)/Workstation Supplementary (v. 6) (IBM Java 6.x)

回避策：RHSA-2011:0938-1にて対応

脆弱性：データ操作, 機密情報の奪取, DoS攻撃, システムアクセス, 整数オーバーフローエラー, メモリ破壊, リモートコード実行, 解放後使用エラー, リモートコマンド実行

ソース：http://www.redhat.com/

https://rhn.redhat.com/errata/RHSA-2011-0938.html

http://secunia.com/advisories/45206/

http://secunia.com/advisories/45229/

http://dvw-j.blogspot.com/2011/07/ibm-java.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0863

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0866

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0868

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0869

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873

CVE：CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863, CVE-2011-0865, CVE-2011-0866, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0873

危険性：High Risk

Sun Java, Red Hat Enterprise Linux, Red Hat Enterprise Linux Extras, Red Hat Enterprise Linux Desktop Supplementary

ソフト名：Sun Java JDK 1.5.x/1.6.x/6.x, Sun Java JRE 1.6.x/6.x, Sun Java SDK 1.4.x, Red Hat Enterprise Linux 5 (Server)/Desktop 5/Desktop 6/HPC Node 6/Server 6/Workstation 6, Red Hat Enterprise Linux Extras v. 4, Red Hat Enterprise Linux Desktop Supplementary (v. 5 client)/Supplementary (v. 5 server)/Desktop Supplementary (v. 6)/HPC Node Supplementary (v. 6)/Server Supplementary (v. 6)/Workstation Supplementary (v. 6)

回避策：アップデートにて対応, RHSA-2011:0856-1, RHSA-2011:0857-1, RHSA-2011:0860-1にて対応

脆弱性：データ操作, 機密情報の奪取, DoS攻撃, システムアクセス, 整数オーバーフローエラー, メモリ破壊, リモートコード実行, 解放後使用エラー, リモートコマンド実行

ソース：http://www.oracle.com/technetwork/java/javase/overview/index.html

http://www.oracle.com/technetwork/java/javase/overview/index-jsp-136246.html

http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html

http://www.redhat.com/

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/server/

http://www.redhat.com/rhel/desktop/

https://rhn.redhat.com/errata/RHSA-2011-0856.html

https://rhn.redhat.com/errata/RHSA-2011-0857.html

https://rhn.redhat.com/errata/RHSA-2011-0860.html

http://www.zerodayinitiative.com/advisories/ZDI-11-182/

http://www.zerodayinitiative.com/advisories/ZDI-11-183/

http://www.zerodayinitiative.com/advisories/ZDI-11-184/

http://www.zerodayinitiative.com/advisories/ZDI-11-185/

http://www.zerodayinitiative.com/advisories/ZDI-11-186/

http://www.zerodayinitiative.com/advisories/ZDI-11-187/

http://www.zerodayinitiative.com/advisories/ZDI-11-188/

http://www.zerodayinitiative.com/advisories/ZDI-11-189/

http://www.zerodayinitiative.com/advisories/ZDI-11-190/

http://www.zerodayinitiative.com/advisories/ZDI-11-191/

http://www.zerodayinitiative.com/advisories/ZDI-11-192/

http://secunia.com/advisories/44784/

http://secunia.com/advisories/44818/

http://secunia.com/advisories/44880/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0786

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0788

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0815

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0817

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0863

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0864

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0866

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0868

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0869

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0872

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873

CVE：CVE-2011-0786, CVE-2011-0788, CVE-2011-0802, CVE-2011-0814, CVE-2011-0815, CVE-2011-0817, CVE-2011-0862, CVE-2011-0863, CVE-2011-0864, CVE-2011-0865, CVE-2011-0866, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871, CVE-2011-0872, CVE-2011-0873

危険性：High Risk

Red Hat Enterprise Linux Extras, RHEL Supplementary

ソフト名：Red Hat Enterprise Linux Extras v. 4, RHEL Supplementary (v. 5 server)/Desktop Supplementary (v. 5 client) (IBM Java 1.4.x/5.x/6.x)

回避策：RHSA-2011:0490-1にて対応

脆弱性：データ操作, DoS攻撃, システムアクセス, クラッシュ

ソース：http://www.redhat.com/

https://rhn.redhat.com/errata/RHSA-2011-0490.html

http://secunia.com/advisories/43295/

http://secunia.com/advisories/44464/

http://dvw-j.blogspot.com/2011/02/sun-java-ibm-java-ibm-websphere.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4447

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4448

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4454

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4462

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4465

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4466

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4473

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4475

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0311

CVE：CVE-2010-4447, CVE-2010-4448, CVE-2010-4454, CVE-2010-4462, CVE-2010-4465, CVE-2010-4466, CVE-2010-4473, CVE-2010-4475, CVE-2011-0311

危険性：High Risk

Red Hat Enterprise Linux Extras

ソフト名：Red Hat Enterprise Linux Extras v. 4/Supplementary (v. 5 server)/Supplementary (v. 5 client)/Desktop Supplementary (v. 6)/HPC Node Supplementary (v. 6)/Server Supplementary (v. 6)/Workstation Supplementary (v. 6) (Sun JAVA 1.6.0 ibm))
回避策：RHSA-2011:0357-1にて対応
脆弱性：データ操作, 機密情報の奪取, DoS攻撃, システムアクセス, 無限ループ, リモートコード実行, ヒープメモリ破壊, 貼り付け操作強制, データの曝露
ソース：http://www.redhat.com/
http://www.redhat.com/rhel/details/features/
https://rhn.redhat.com/errata/RHSA-2011-0357.html
http://secunia.com/advisories/43262/
http://secunia.com/advisories/43657/
http://dvw-j.blogspot.com/2011/02/sun-java-ibm-java-ibm-websphere.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4475
CVE：CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4466, CVE-2010-4467, CVE-2010-4468, CVE-2010-4471, CVE-2010-4473, CVE-2010-4475
危険性：High Risk

Red Hat Enterprise Linux Extras

ソフト名：Red Hat Enterprise Linux Extras v. 4/Desktop Supplementary (v. 5 client/v. 5 server)/Server Supplementary (v. 6)/Workstation Supplementary (v. 6)
回避策：RHSA-2011:0301-1にて対応
脆弱性：システムアクセス, バッファオーバーフロー, アクションスクリプトの実行, メモリ破壊, 不正ライブラリのロード, リモートコード実行, XSS, 権限の昇格
ソース：http://www.redhat.com/
http://www.redhat.com/rhel/details/features/
https://rhn.redhat.com/errata/RHSA-2011-0301.html
http://secunia.com/advisories/43207/
http://secunia.com/advisories/43470/
http://dvw-j.blogspot.com/2011/02/adobe-flash-player-adobe-acrobat-adobe.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0586
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0587
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0589
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0590
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0591
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0592
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0593
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0596
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0600
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0602
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0603
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0604
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0606
CVE：CVE-2011-0562, CVE-2011-0563, CVE-2011-0565, CVE-2011-0566, CVE-2011-0567, CVE-2011-0585, CVE-2011-0586, CVE-2011-0587, CVE-2011-0589, CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0594, CVE-2011-0595, CVE-2011-0596, CVE-2011-0598, CVE-2011-0599, CVE-2011-0600, CVE-2011-0602, CVE-2011-0603, CVE-2011-0604, CVE-2011-0606
危険性：High Risk