{
  "schema_version": "1.7.0",
  "id": "MGASA-2013-0323",
  "published": "2013-11-13T19:05:43Z",
  "modified": "2013-11-13T19:05:40Z",
  "summary": "Updated java-1.6.0-openjdk package fixes multiple vulnerabilities",
  "details": "Updated java-1.6.0-openjdk packages fix security vulnerabilities:\n\nMultiple input checking flaws were found in the 2D component native image\nparsing code. A specially crafted image file could trigger a Java Virtual\nMachine memory corruption and, possibly, lead to arbitrary code execution\nwith the privileges of the user running the Java Virtual Machine\n(CVE-2013-5782).\n\nThe class loader did not properly check the package access for non-public\nproxy classes. A remote attacker could possibly use this flaw to execute\narbitrary code with the privileges of the user running the Java Virtual\nMachine (CVE-2013-5830).\n\nMultiple improper permission check issues were discovered in the 2D, CORBA,\nJNDI, and Libraries components in OpenJDK. An untrusted Java application or\napplet could use these flaws to bypass Java sandbox restrictions\n(CVE-2013-5829, CVE-2013-5814, CVE-2013-5817, CVE-2013-5842, CVE-2013-5850).\n\nMultiple input checking flaws were discovered in the JPEG image reading and\nwriting code in the 2D component. An untrusted Java application or applet\ncould use these flaws to corrupt the Java Virtual Machine memory and bypass\nJava sandbox restrictions (CVE-2013-5809).\n\nThe FEATURE_SECURE_PROCESSING setting was not properly honored by the\njavax.xml.transform package transformers. A remote attacker could use this\nflaw to supply a crafted XML that would be processed without the intended\nsecurity restrictions (CVE-2013-5802).\n\nMultiple errors were discovered in the way the JAXP and Security components\nprocesses XML inputs. A remote attacker could create a crafted XML that\nwould cause a Java application to use an excessive amount of CPU and memory\nwhen processed (CVE-2013-5825, CVE-2013-4002, CVE-2013-5823).\n\nMultiple improper permission check issues were discovered in the Libraries,\nSwing, JAX-WS, JGSS, AWT, Beans, and Scripting components in OpenJDK. An\nuntrusted Java application or applet could use these flaws to bypass\ncertain Java sandbox restrictions (CVE-2013-3829, CVE-2013-5840,\nCVE-2013-5774, CVE-2013-5783, CVE-2013-5820, CVE-2013-5849, CVE-2013-5790,\nCVE-2013-5784).\n\nIt was discovered that the 2D component image library did not properly\ncheck bounds when performing image conversions. An untrusted Java\napplication or applet could use this flaw to disclose portions of the Java\nVirtual Machine memory (CVE-2013-5778).\n\nMultiple input sanitization flaws were discovered in javadoc. When javadoc\ndocumentation was generated from an untrusted Java source code and hosted\non a domain not controlled by the code author, these issues could make it\neasier to perform cross-site scripting attacks (CVE-2013-5804,\nCVE-2013-5797).\n\nVarious OpenJDK classes that represent cryptographic keys could leak\nprivate key information by including sensitive data in strings returned by\ntoString() methods. These flaws could possibly lead to an unexpected\nexposure of sensitive key data (CVE-2013-5780).\n\nThe Java Heap Analysis Tool (jhat) failed to properly escape all data added\ninto the HTML pages it generated. Crafted content in the memory of a Java\nprogram analyzed using jhat could possibly be used to conduct cross-site\nscripting attacks (CVE-2013-5772).\n\nThe Kerberos implementation in OpenJDK did not properly parse KDC\nresponses. A malformed packet could cause a Java application using JGSS to\nexit (CVE-2013-5803).\n\nThis updates IcedTea6 to version 1.11.14, which fixes these issues, as well\nas several others.\n",
  "upstream": [
    "CVE-2013-3829",
    "CVE-2013-4002",
    "CVE-2013-5772",
    "CVE-2013-5774",
    "CVE-2013-5778",
    "CVE-2013-5780",
    "CVE-2013-5782",
    "CVE-2013-5783",
    "CVE-2013-5784",
    "CVE-2013-5790",
    "CVE-2013-5797",
    "CVE-2013-5802",
    "CVE-2013-5803",
    "CVE-2013-5804",
    "CVE-2013-5809",
    "CVE-2013-5814",
    "CVE-2013-5817",
    "CVE-2013-5820",
    "CVE-2013-5823",
    "CVE-2013-5825",
    "CVE-2013-5829",
    "CVE-2013-5830",
    "CVE-2013-5840",
    "CVE-2013-5842",
    "CVE-2013-5849",
    "CVE-2013-5850"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2013-0323.html"
    },
    {
      "type": "WEB",
      "url": "http://blog.fuseyism.com/index.php/2013/09/07/icedtea-1-11-13-released/"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
    },
    {
      "type": "WEB",
      "url": "https://rhn.redhat.com/errata/RHSA-2013-1505.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=11610"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:2",
        "name": "java-1.6.0-openjdk",
        "purl": "pkg:rpm/mageia/java-1.6.0-openjdk?arch=source&distro=mageia-2"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.6.0.0-44.b24.1.mga2"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}