Vulnerabilites related to oracle - jrockit
Vulnerability from fkie_nvd
Published
2017-01-27 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6:update_131:*:*:*:*:*:*",
"matchCriteriaId": "B1384D79-F9DA-44C5-A3C9-3CCE627B2255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "92EF1E3B-6EF8-499A-84EA-D7792B181CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "73185AEF-8CB1-4728-9E99-D0D2A3419D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "BEB76EC4-557F-4C67-BE1E-79E837043B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6:update_131:*:*:*:*:*:*",
"matchCriteriaId": "C747C39A-145E-4648-99C2-0A8C7BA77F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "706F9471-3647-4D13-B794-4F53700091F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "1ED8B5A9-E738-430E-9FC6-206DFC98B965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "4AA3E574-DC5D-465B-95B8-CD1AF5433646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1A57E9-0134-466F-B8EE-9E38A844F865",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts)."
},
{
"lang": "es",
"value": "Vulnerabilidad en Java SE, Java SE Embedded, componente JRockit de Oracle Java SE (subcomponente: Libraries). Versiones compatibles que est\u00e1n afectadas son Java SE: 6u131, 7u121 y 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Vulnerabilidad f\u00e1cilmente explotable permite a atacante no autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos, comprometer Java SE, Java SE Embedded, JRockit. Ataques exitosos de esta vulnerabilidad pueden resultar en creaci\u00f3n, borrado o modificaci\u00f3n de acceso no autorizado a datos cr\u00edticos o a todos los datos accesibles de Java SE, Java SE Embedded, JRockit. Nota: Aplica a la implementaci\u00f3n de cliente y servidor de Java. Esta vulnerabilidad puede ser explotada a trav\u00e9s de aplicaciones y Java Web Start y applets de Java aisladas. Tambi\u00e9n puede ser explotada suministrando datos de APIs en el componente especificado sin utilizar aplicaciones Java Web Start o applets Java aisladas, como por ejemplo mediante un servicio web. CVSS v3.0 Base Score 7.5 (Impactos de Integridad)."
}
],
"id": "CVE-2016-5546",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-27T22:59:00.303",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95506"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-16 02:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| canonical | ubuntu_linux | 14.04 | |
| oracle | jrockit | r27.8.1 | |
| oracle | jrockit | r28.3.1 | |
| juniper | junos_space | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| ibm | forms_viewer | * | |
| ibm | forms_viewer | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFBC2BA-94F8-4D3B-9C70-3E9FA1F6E0AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81434638-A069-4828-99FD-EEBAC3EB41CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B258D4C-2CAA-4493-8C35-E8A641A4FB14",
"versionEndExcluding": "15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "086781C9-08D6-4268-AEB4-F60365F51562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "DDD27C84-32AD-47CC-B47B-7FBA1321E717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "3343969B-2926-4C55-8787-792ABF6429D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F906BFD6-7654-46C5-8240-3A50949CAE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "E80738D2-3CE2-4EB6-AE4C-F90C2C93BFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "78BC97BC-F745-45E0-8749-41535F7C374E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "4DA64EFB-8416-4A0B-91B5-F02CC1A79D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CA226495-4733-485A-9D53-85874434815D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "745E0942-12A9-49B3-851C-ED67F047BCEB",
"versionEndExcluding": "4.0.0.3",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5452C9C6-D761-4E3D-B7CF-C0AC55D08650",
"versionEndExcluding": "8.0.1.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8; JavaFX 2.2.51; y Java SE Embedded 7u51 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con 2D."
}
],
"id": "CVE-2014-2421",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-16T02:55:15.490",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59058"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66881"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-16 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jrockit | r27.8.1 | |
| oracle | jrockit | r28.3.1 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| canonical | ubuntu_linux | 14.04 | |
| juniper | junos_space | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| ibm | forms_viewer | * | |
| ibm | forms_viewer | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFBC2BA-94F8-4D3B-9C70-3E9FA1F6E0AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81434638-A069-4828-99FD-EEBAC3EB41CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B258D4C-2CAA-4493-8C35-E8A641A4FB14",
"versionEndExcluding": "15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "086781C9-08D6-4268-AEB4-F60365F51562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "DDD27C84-32AD-47CC-B47B-7FBA1321E717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "3343969B-2926-4C55-8787-792ABF6429D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F906BFD6-7654-46C5-8240-3A50949CAE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "E80738D2-3CE2-4EB6-AE4C-F90C2C93BFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "78BC97BC-F745-45E0-8749-41535F7C374E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "4DA64EFB-8416-4A0B-91B5-F02CC1A79D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CA226495-4733-485A-9D53-85874434815D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "745E0942-12A9-49B3-851C-ED67F047BCEB",
"versionEndExcluding": "4.0.0.3",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5452C9C6-D761-4E3D-B7CF-C0AC55D08650",
"versionEndExcluding": "8.0.1.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8; JRockit R27.8.1 y R28.3.1; y Java SE Embedded 7u51 permite a atacantes remotos afectar la confidencialidad y la integridad a trav\u00e9s de vectores desconocidos relacionados con la seguridad."
}
],
"id": "CVE-2014-0453",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-16T01:55:09.713",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59022"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59023"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59071"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59082"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59104"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59194"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59250"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59255"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59307"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59324"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59436"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59438"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59653"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59675"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59722"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59733"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60003"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60111"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60117"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60498"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60574"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60580"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61050"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61264"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66914"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21674530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21674530"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-18 13:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update191:*:*:*:*:*:*",
"matchCriteriaId": "0CC16ECF-A6C1-4B1F-B955-3A4694E0A899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "20B37A10-DB47-4CDA-8DAD-CA9BB4362935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update172:*:*:*:*:*:*",
"matchCriteriaId": "C6BB93E3-3983-40FD-A119-11334C707755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C103C17-E4A9-40A2-959B-29547D706DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update191:*:*:*:*:*:*",
"matchCriteriaId": "D3F946D7-1480-43D7-94B1-10274261922C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "F1CBA5EE-A49F-4000-8737-FC2C7F0E8CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update172:*:*:*:*:*:*",
"matchCriteriaId": "788BDADB-6F4E-4DFD-BE2E-2D9B3AFBA5CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EBB11AD-EA72-4C15-945E-D335A1BF0979",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "69344E69-AD89-4E0F-8F35-A207BE2FD23C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "87D4ED85-90F6-47E6-BF08-3595DB22C7B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C18CA4B5-28FD-4199-B1F0-B1E59E920370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "9DBEE506-E864-4FC6-B5D3-7E134438592C",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E73AC99-34AC-4D4B-A946-34F33AAEC4A1",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "D4BE7695-11DB-4F04-A469-91A29A83B358",
"versionStartIncluding": "9.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Concurrency). Las versiones compatibles que se han visto afectadas son JavaSE: 6u191, 7u181, 8u172 y 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 3.7 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2952",
"lastModified": "2024-11-21T04:04:49.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-18T13:29:02.960",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/104765"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1041302"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2241"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2242"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2253"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2254"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2255"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2256"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2283"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2286"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2568"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2569"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2575"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2576"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2712"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2713"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180726-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03882en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03928en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3734-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3735-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3747-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/104765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1041302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180726-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03882en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03928en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3734-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3735-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3747-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4268"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-21 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jrockit | r28.3.9 | |
| redhat | icedtea7 | * | |
| oracle | linux | 5.0 | |
| oracle | linux | 6 | |
| oracle | linux | 7 | |
| redhat | enterprise_linux_desktop | 5.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 6.7.z | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update113:*:*:*:*:*:*",
"matchCriteriaId": "AE4602E8-1466-4148-BC89-7FAFFA14A886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update99:*:*:*:*:*:*",
"matchCriteriaId": "C3D13189-1F7B-482F-ABF7-CC8D563716C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update77:*:*:*:*:*:*",
"matchCriteriaId": "C6CAC2AE-7FB0-40F4-9A45-533943A35772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update113:*:*:*:*:*:*",
"matchCriteriaId": "F0D546F4-B709-4522-B84A-7D6C301814BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update99:*:*:*:*:*:*",
"matchCriteriaId": "0BF73F1C-91F1-41F6-956C-4A64603DCDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update77:*:*:*:*:*:*",
"matchCriteriaId": "CDF71474-FFBF-44A0-A5EC-CD3E50472D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7ACC3A-F8F4-4B53-981A-697569B172CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:icedtea7:*:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2A1A63BA-D559-4692-9C27-5F7402BD2353",
"versionEndIncluding": "2.6.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CCD459-9E6D-4731-8054-CDF8B58454A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7A498A-A669-4C42-8134-86103C799D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"matchCriteriaId": "104DA87B-DEE4-4262-AE50-8E6BC43B228B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39A901D6-0874-46A4-92A8-5F72C7A89E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*",
"matchCriteriaId": "AA856400-1B48-429A-94A0-173B7EEE1EC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad a trav\u00e9s de vectores relacionados con Security."
}
],
"id": "CVE-2016-0695",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-21T10:59:55.117",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/86438"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1035596"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/86438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| oracle | jre | * | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| oracle | jre | * | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r27.7.1 | |
| oracle | jrockit | r27.7.2 | |
| oracle | jrockit | r27.7.3 | |
| oracle | jrockit | r27.7.4 | |
| oracle | jrockit | r27.7.5 | |
| oracle | jre | * | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| oracle | jrockit | r28.1.4 | |
| oracle | jrockit | r28.1.5 | |
| oracle | jrockit | r28.2.2 | |
| oracle | jrockit | r28.2.3 | |
| oracle | jrockit | r28.2.4 | |
| oracle | jrockit | r28.2.5 | |
| oracle | jrockit | r28.2.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "720419B2-5E62-4FE8-8A0E-A67436E9E3F5",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "47E3CD14-7C90-4ECF-BEB8-BCAD9EB5883B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "56A0449D-E87C-4BAC-AEB3-3C3DBEC1BFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "6559C549-49B6-4784-A30E-605A5632B7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B5802968-A12E-4938-B322-D1002F55D7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "91D354BB-6849-44B9-9E2A-0EEA66E4D9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
"matchCriteriaId": "646DDCA6-AAC4-4FA8-B9B5-51F88D4C001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "9A75A4C0-6B49-424B-BEC0-0E0AAEF877B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "03555D1A-9470-4227-B843-E6EF91A6BC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E8F98346-B755-4082-B873-21A9792C231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "569BD939-9AF4-4AF0-88F0-1055FBAF2D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "77D6F71D-F584-4920-8143-FEF374CED2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "9FEFE472-63A9-4D02-A674-2EFA4C781D25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "15CBCC05-5D20-4672-9BDD-879F8CB933FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "2769B772-C54F-486D-AE21-1EFF237ED5BA",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "CC062AE6-515B-4D40-9B86-46F7A1D7FF1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "B4A2D725-A7DC-4802-A377-5C3963AD9941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "A3C6E1D8-B96E-40FB-9E66-9B3A5325E78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "F08A5AAD-84CA-491F-83D3-CEFFD16212E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A13547EA-EF77-493A-A863-F09E2AEE8BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "B7FC11BE-8CF7-4D45-BB4A-3EFA1DDBB10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "4C061911-FB19-45EB-8E88-7450224F4023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0E8009BC-F5A8-4D00-9F5F-8635475C6065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "239B595E-6A76-4F56-BBED-8D3606156CF4",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "97A84689-0CED-404F-8DC3-708BEB37D2CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "738EC3E5-A4EB-47FE-9C9A-7C8E8C669765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "FF56E0D9-612D-4215-9C76-560AE0661A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "BA717604-4BB0-4968-B258-7C9F884016FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "AA71FCF4-580F-432D-AADC-65A2A92CEBC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "F1E1A8F3-5A63-401E-9BDA-ACCA30FF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "5C91517E-4C81-4D09-9FCB-B7AC769C7107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "8B276B96-66BE-4C09-BE9F-11FA7461CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "626E11CA-20EE-4AB0-84D7-8DAE7A9D8960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "FB006563-023B-4AC6-8A27-E41DE59758A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
"matchCriteriaId": "81C2C04D-D4BA-4C87-9609-C53AA63BFF19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "5DE61035-9270-4CFE-A331-98D9203929F4",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "535FA154-AB3D-449E-94C4-DA2F023A57CD",
"versionEndIncluding": "r27.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C032857-3236-4300-8252-1ECA38C18FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4DFD492-029A-4560-AFC0-56187B0F9E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E78A93E-1600-41CE-A315-E50C00A8A2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422B920-B9E9-4CF6-8BAF-974CDA1ECEF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "63E65735-D861-4FEC-93B8-1769671E8B3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "480E1DC3-A93D-4566-A87B-0147202273CF",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "CBCCEDA8-1984-4E88-A838-294CD3D12857",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0381EE39-2F60-49FD-A63A-B9E81C9033CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "9AD75455-B7F0-4F42-98E7-CAA43787D606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "3BF0FD06-3953-49AB-A9AA-ACB6883E2D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "62823E8E-99CF-40DB-B43E-CBA4E9A2F916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "FEA04B0D-D4E3-497D-9564-046B1CDA2342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "AD3522AD-6CE5-43A3-A108-FBEEE4C226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B2F3B6EB-694F-44E9-9502-8487DCEC84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "1ED02C60-AD2E-4DAD-89DA-E978B6D6422A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "CAF4D47A-1D98-43B3-B26E-B4AF7F08BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "1F3ECD7D-E0BF-45AB-80FA-9E6EAECF890F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF025086-5D88-4A56-ABFA-1FC2A6DC6060",
"versionEndIncluding": "r28.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "723DE1EC-F44A-4362-B885-835784FA7B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192167A3-A4D7-49D1-B21B-DC064E6CBE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D9DF02-2882-4AFF-AB72-A22C648AAB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5D8200-370E-4428-B124-05E1B1C35DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC02DC7-6076-4BBF-B384-DC02F5FA788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93AB3E3F-7DC6-4196-974F-5E16F404E3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3AAA87-E27E-44E7-9148-37CC05966595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE v7u40 y anteriores, Java SE v6u60 y anteriores, Java SE v5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java SE Embedded v7u40 y anteriores permite a atacantes remotos afectar a la confidencialidad a trav\u00e9s de vectores desconocidos relacionados con las librer\u00edas."
}
],
"evaluatorComment": "Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\n\n\u0027Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.\u0027",
"id": "CVE-2013-5780",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T15:55:34.443",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1018785"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/63115"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1018785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/63115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19101"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:phoenixcontact:fl_mguard_dm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8556AADE-54E7-4D1B-A5AB-D37EF3B4962E",
"versionEndIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B92F025C-D612-4A64-B138-E6B4B113B504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JCE). Las versiones compatibles que se han visto afectadas son Java SE: 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden resultar en un acceso no autorizado a datos de suma importancia o un acceso completo a todos los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start en sandbox o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 7.5 (impactos en la confidencialidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
],
"id": "CVE-2017-10118",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:03.880",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99782"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-17 01:31
Modified
2024-11-21 04:05
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jrockit | r28.3.19 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_eus | 7.6 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| hp | xp7_command_view | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update201:*:*:*:*:*:*",
"matchCriteriaId": "9C07DBB8-760D-4A9E-B7C7-A382D650658B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update191:*:*:*:*:*:*",
"matchCriteriaId": "ED6BF214-B45C-405E-83AC-C8A084A6E4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update182:*:*:*:*:*:*",
"matchCriteriaId": "95C4D08B-88BF-4299-90B8-51F6B214C3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update201:*:*:*:*:*:*",
"matchCriteriaId": "BBE0F763-B860-4B30-A5E9-2FCE78F5932D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update191:*:*:*:*:*:*",
"matchCriteriaId": "C192F54C-108C-4E40-BC29-CF911C3B9EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update182:*:*:*:*:*:*",
"matchCriteriaId": "B4154B5B-9E0A-46D0-9CE9-E393119ACAA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "A79CBB94-4DCC-4346-ACB1-00B9E346E811",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "50B5212A-03DC-48D3-8734-7FAA20A48D7F",
"versionEndExcluding": "8.6.3-00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Sound). Las versiones compatibles que se han visto afectadas son JavaSE: 6u201, 7u191 y 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: esta vulnerabilidad se aplica a implementaciones Java, normalmente en clientes que ejecutan aplicaciones Java Web Start en sandbox o applets Java en sandbox (en Java SE 8) que cargan y ejecutan c\u00f3digo que no es de confianza (por ejemplo, c\u00f3digo proveniente de internet) y que conf\u00edan en el sandbox Java para protegerse. Esta vulnerabilidad tambi\u00e9n puede ser explotada mediante API en el componente especificado, por ejemplo, mediante un servicio web que proporciona datos a las API. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-3214",
"lastModified": "2024-11-21T04:05:27.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-17T01:31:23.510",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105615"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-27 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6:update_131:*:*:*:*:*:*",
"matchCriteriaId": "B1384D79-F9DA-44C5-A3C9-3CCE627B2255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "92EF1E3B-6EF8-499A-84EA-D7792B181CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "73185AEF-8CB1-4728-9E99-D0D2A3419D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "BEB76EC4-557F-4C67-BE1E-79E837043B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6:update_131:*:*:*:*:*:*",
"matchCriteriaId": "C747C39A-145E-4648-99C2-0A8C7BA77F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "706F9471-3647-4D13-B794-4F53700091F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "1ED8B5A9-E738-430E-9FC6-206DFC98B965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "4AA3E574-DC5D-465B-95B8-CD1AF5433646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1A57E9-0134-466F-B8EE-9E38A844F865",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts)."
},
{
"lang": "es",
"value": "Vulnerabilidad en Java SE, Java SE Embedded, componente JRockit de Oracle Java SE (subcomponente: Networking). Versiones compatibles que est\u00e1n afectadas son Java SE: 6u131, 7u121 y 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Vulnerabilidad f\u00e1cilmente explotable permite a atacante no autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos, comprometer Java SE, Java SE Embedded, JRockit. Ataques exitosos de esta vulnerabilidad pueden resultar en actualizaci\u00f3n no autorizada, inserci\u00f3n o borrado de acceso a algunos datos accesibles de Java SE, Java SE Embedded, JRockit. Nota: Aplica a la implementaci\u00f3n de cliente y servidor Java. Esta vulnerabilidad puede ser explotada a trav\u00e9s aplicaciones Java Web Start y applets Java aisladas. Tambi\u00e9n puede ser explotada mediante el suministro de datos a las APIs en componente espec\u00edfico sin utilizar aplicaciones Java Web Start o applets Java aisladas, como a trav\u00e9s de un servicio web. CVSS v3.0 Base Score 5.3 (Impactos de Integridad)."
}
],
"id": "CVE-2016-5552",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-27T22:59:00.427",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95512"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037798"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"source": "secalert_us@oracle.com",
"url": "https://source.android.com/security/bulletin/2017-02-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-02-01.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-21 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update113:*:*:*:*:*:*",
"matchCriteriaId": "AE4602E8-1466-4148-BC89-7FAFFA14A886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update99:*:*:*:*:*:*",
"matchCriteriaId": "C3D13189-1F7B-482F-ABF7-CC8D563716C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update77:*:*:*:*:*:*",
"matchCriteriaId": "C6CAC2AE-7FB0-40F4-9A45-533943A35772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update113:*:*:*:*:*:*",
"matchCriteriaId": "F0D546F4-B709-4522-B84A-7D6C301814BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update99:*:*:*:*:*:*",
"matchCriteriaId": "0BF73F1C-91F1-41F6-956C-4A64603DCDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update77:*:*:*:*:*:*",
"matchCriteriaId": "CDF71474-FFBF-44A0-A5EC-CD3E50472D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7ACC3A-F8F4-4B53-981A-697569B172CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la disponibilidad a trav\u00e9s de vectores relacionados con JAXP."
}
],
"id": "CVE-2016-3425",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-21T11:00:19.870",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/86434"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1035596"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/86434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-16 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9D903F51-44DE-4931-A904-F54A1ED2FA09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "F734AF76-4CEE-4F9D-AD6A-6BECF1F977CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "464AB16C-B25D-4FCA-AAA2-C6F4CF944628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76:*:*:*:*:*:*",
"matchCriteriaId": "A2C5FA21-4D3B-4739-92A1-B87A1A63F29B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "8348D050-22EF-49AC-960A-ADBA1441FFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update81:*:*:*:*:*:*",
"matchCriteriaId": "83A01BAA-3482-47EA-8C21-E60234ADBFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "E5937109-8325-4D2B-B15E-195833703569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update76:*:*:*:*:*:*",
"matchCriteriaId": "50E5F104-C20F-4E6B-AD70-8FEC1B9A9B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "BB2AF8BC-7643-4CBF-83C0-CA4656AC4FB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u81, 6u91, 7u76, y 8u40, y JRockit R28.3.5, permite a atacantes remotos afectar la disponibilidad a trav\u00e9s de vectores relacionados con JSSE."
}
],
"evaluatorComment": "Per Oracle: Applies to client and server deployment of JSSE. (http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html)",
"id": "CVE-2015-0488",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-16T16:59:39.727",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://advisories.mageia.org/MGASA-2015-0158.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3234"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3235"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/74111"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1032120"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2573-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2574-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2015-0158.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2573-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2574-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-11"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-15 22:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ED5A7D-7C5F-494B-B71F-136FC4F60F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "091F8337-0581-4C70-85F2-4FB68087FE70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update_71:*:*:*:*:*:*",
"matchCriteriaId": "ABFFC778-4647-464C-8D4B-C5FFF9A8B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update81:*:*:*:*:*:*",
"matchCriteriaId": "A96B7B6D-890C-4CAF-A273-01E17D3FDBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "B3D836B0-936A-445F-A08F-C962FC8B91EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "1F19BFEB-7202-4156-893E-576486FCCA63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update_71:*:*:*:*:*:*",
"matchCriteriaId": "2537DFD3-4ACE-4448-964A-18CE2B8C71BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*",
"matchCriteriaId": "6D7DEDD2-FEF2-4FEC-B9BF-C1C3FA247A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*",
"matchCriteriaId": "CE789D26-302F-44CF-AF63-EA0BA73E49E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "A85E8DD9-9B00-4C7E-802D-6E6A1BD3B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "D776872E-A50A-498D-A68B-84DD910ED429",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Oracle Java SE 5.0u71, 6u81, 7u67, y 8u20; Java SE Embedded 7u60; y JRockit R27.8.3 y R28.3.3 permite a atacantes remotos afectar a la integridad a trav\u00e9s de vectores relacionados con las librer\u00edas."
}
],
"id": "CVE-2014-6512",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-15T22:55:06.700",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60414"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60416"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60417"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61018"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61020"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61143"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61163"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61164"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61346"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61609"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61629"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61631"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61928"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/70567"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-19 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jrockit | r28.3.17 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| schneider-electric | struxureware_data_center_expert | * | |
| schneider-electric | struxureware_data_center_expert | * | |
| hp | xp7_command_view | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "5B9A0DD9-878D-42E8-AA57-283E5D1E0A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A396-AF98-46BD-8B73-8CAC02BF12B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "4009C7E0-94C7-4838-94CF-5607D7C575CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "DD3B3C9B-A53B-4921-8F5F-FF118283D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "038F6540-6674-4D7A-9A70-A62B0F3C9A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "0F88A87F-D142-4FFD-8121-52FC9A4B70E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9A13AA87-5F14-4728-B317-17C3A782FA34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1642001C-E9BB-476F-A092-8FDB50B00A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "87D4ED85-90F6-47E6-BF08-3595DB22C7B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, y JRockit de Oracle Java SE (subcomponente: RMI). Las versiones compatibles que se han visto afectadas son JavaSE: 6u181, 7u171 y 8u162; JRockit: R28.3.17. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE y JRockit. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante. Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado a la actualizaci\u00f3n, inserci\u00f3n o supresi\u00f3n de algunos de los datos accesibles de Java SE y JRockit, as\u00ed como el acceso de lectura sin autorizaci\u00f3n a un subconjunto de datos accesibles de Java SE y JRockit. Nota: Esta vulnerabilidad s\u00f3lo puede ser explotada proporcionando datos a las API en los Componentes especificados sin emplear aplicaciones Java Web Start que no son de confianza o applets Java que no son de confianza, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 4.2 (impactos de confidencialidad e integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)."
}
],
"id": "CVE-2018-2800",
"lastModified": "2024-11-21T04:04:29.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-19T02:29:03.943",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103849"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JNDI). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171, 7u161, 8u152 y 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 4.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2678",
"lastModified": "2024-11-21T04:04:13.207",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:22.697",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102659"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "A3322D72-6B56-467E-90E5-5DCE0FA1F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "673DD72C-4FC8-406A-A24A-B06DD709649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B92F025C-D612-4A64-B138-E6B4B113B504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Serialization). Las versiones compatibles que se han visto afectadas son JavaSE: 6u151, 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos de esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad se aplica a implementaciones Java, normalmente en clientes que ejecutan aplicaciones Java Web Start en sandbox o applets Java en sandbox que cargan y ejecutan c\u00f3digo que no es de confianza (por ejemplo, c\u00f3digo proveniente de internet) y que conf\u00edan en la sandbox de Java para protegerse. Esta vulnerabilidad no se aplica a implementaciones Java, normalmente en servidores, que solo cargan y ejecutan c\u00f3digo de confianza (por ejemplo, c\u00f3digo instalado por un administrador). CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2017-10109",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:03.587",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99847"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-24 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jrockit | r28.3.13 | |
| redhat | satellite | 5.8 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.3 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.3 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | icedtea | * | |
| android | 4.4.4 | ||
| android | 5.0.2 | ||
| android | 5.1.1 | ||
| android | 6.0 | ||
| android | 6.0.1 | ||
| android | 7.0 | ||
| android | 7.1.1 | ||
| android | 7.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "8FD0F2F0-F307-4F3A-B719-D658467D6B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "2BBA8749-EFC2-4055-A8AB-56D660C0BB70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*",
"matchCriteriaId": "34D1F91C-50D2-4D6A-BF4B-1B86F6909565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "2A34F55B-3945-412E-80BD-23F39B3D68D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*",
"matchCriteriaId": "7C4946FF-E16B-4188-8BEA-1D5ABFBD54DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*",
"matchCriteriaId": "E463AEAC-F5DB-47E4-B863-E5D636895C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FA90A3B9-9749-44F5-BAFC-40BA2BD37B43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B92D4C9E-8707-4E05-B12D-28C1AFCE2637",
"versionEndExcluding": "3.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CEEA22-63B4-4702-A400-01349DF0EC1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E9915371-C730-41F7-B86E-7E4DE0DF5385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1D94CDD-DE7B-444E-A3AE-AE9C9A779374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E70C6D8D-C9C3-4D92-8DFC-71F59E068295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691FA41B-C2CE-413F-ABB1-0B22CB322807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09E6085C-A61E-4A89-BF80-EDD9A7DF1E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D835D592-2423-44C6-804A-3AD010112E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "568E2561-A068-46A2-B331-BBA91FC96F0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Java SE, Java SE Embedded, JRockit de Oracle Java SE (subcomponente: Networking). Versiones compatibles que son afectadas son Java SE: 6u141, 7u131 y 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Vulnerabilidad dificil de explotar no permite autenticado atacante con acceso a la red a trav\u00e9s de SMTP para comprometer Java SE, Java SE Embedded, JRockit. Los ataques exitosos de esta vulnerabilidad pueden resultar en la actualizaci\u00f3n, inserci\u00f3n o eliminaci\u00f3n de acceso no autorizados a algunos de los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Se aplica a la implementaci\u00f3n de cliente y servidor de Java. Esta vulnerabilidad puede ser explotada a trav\u00e9s de aplicaciones de Java Web Start y de Java. Tambi\u00e9n se puede explotar mediante el suministro de datos a las API en el Componente especificado sin utilizar aplicaciones de Java Web Start en modo recinto de seguridad o complementos de Java protegidos, como a trav\u00e9s de un servicio web.CVSS 3.0 Base Score 3.7 (Impactos de integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
}
],
"id": "CVE-2017-3544",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-24T19:59:04.253",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97745"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-15 16:08
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "51A52105-35B8-4D16-88BE-D6F81BC7B0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C9394F13-201D-42BD-8B48-E4F9FEE41477",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A5226952-1972-4572-9F8C-C90D89040FD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update65:*:*:*:*:*:*",
"matchCriteriaId": "105B15BC-6764-41C3-847D-BA1396CC034F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update65:*:*:*:*:*:*",
"matchCriteriaId": "BBCFEADF-7282-4C56-813B-A5DEAD9BF17B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update55:*:*:*:*:*:*",
"matchCriteriaId": "3A3360E8-7FF0-41CF-A84A-06D498A97C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update55:*:*:*:*:*:*",
"matchCriteriaId": "F831C70D-2CD9-4579-9DED-D1BE6701965E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 50.u55, 6u65 y 7u45; JRockit R27.7.7 y R28.2.9; y Java SE Embedded 7u45 permite a usuarios remotos autenticados afectar la confidencialidad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Beans."
}
],
"evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html\n\n\"Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.\"",
"id": "CVE-2014-0423",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-15T16:08:10.267",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56432"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56485"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56486"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56487"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56535"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59283"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60568"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679287"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/64914"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90340"
},
{
"source": "secalert_us@oracle.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | * | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| oracle | jre | * | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| oracle | jre | * | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r27.7.1 | |
| oracle | jrockit | r27.7.2 | |
| oracle | jrockit | r27.7.3 | |
| oracle | jrockit | r27.7.4 | |
| oracle | jrockit | r27.7.5 | |
| oracle | jre | * | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| oracle | jrockit | r28.1.4 | |
| oracle | jrockit | r28.1.5 | |
| oracle | jrockit | r28.2.2 | |
| oracle | jrockit | r28.2.3 | |
| oracle | jrockit | r28.2.4 | |
| oracle | jrockit | r28.2.5 | |
| oracle | jrockit | r28.2.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "CBCCEDA8-1984-4E88-A838-294CD3D12857",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0381EE39-2F60-49FD-A63A-B9E81C9033CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "9AD75455-B7F0-4F42-98E7-CAA43787D606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "3BF0FD06-3953-49AB-A9AA-ACB6883E2D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "62823E8E-99CF-40DB-B43E-CBA4E9A2F916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "FEA04B0D-D4E3-497D-9564-046B1CDA2342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "AD3522AD-6CE5-43A3-A108-FBEEE4C226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B2F3B6EB-694F-44E9-9502-8487DCEC84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "1ED02C60-AD2E-4DAD-89DA-E978B6D6422A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "CAF4D47A-1D98-43B3-B26E-B4AF7F08BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "1F3ECD7D-E0BF-45AB-80FA-9E6EAECF890F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "2769B772-C54F-486D-AE21-1EFF237ED5BA",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "CC062AE6-515B-4D40-9B86-46F7A1D7FF1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "B4A2D725-A7DC-4802-A377-5C3963AD9941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "A3C6E1D8-B96E-40FB-9E66-9B3A5325E78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "F08A5AAD-84CA-491F-83D3-CEFFD16212E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A13547EA-EF77-493A-A863-F09E2AEE8BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "B7FC11BE-8CF7-4D45-BB4A-3EFA1DDBB10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "4C061911-FB19-45EB-8E88-7450224F4023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0E8009BC-F5A8-4D00-9F5F-8635475C6065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "480E1DC3-A93D-4566-A87B-0147202273CF",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "5DE61035-9270-4CFE-A331-98D9203929F4",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "535FA154-AB3D-449E-94C4-DA2F023A57CD",
"versionEndIncluding": "r27.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C032857-3236-4300-8252-1ECA38C18FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4DFD492-029A-4560-AFC0-56187B0F9E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E78A93E-1600-41CE-A315-E50C00A8A2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422B920-B9E9-4CF6-8BAF-974CDA1ECEF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "63E65735-D861-4FEC-93B8-1769671E8B3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "239B595E-6A76-4F56-BBED-8D3606156CF4",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "97A84689-0CED-404F-8DC3-708BEB37D2CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "738EC3E5-A4EB-47FE-9C9A-7C8E8C669765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "FF56E0D9-612D-4215-9C76-560AE0661A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "BA717604-4BB0-4968-B258-7C9F884016FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "AA71FCF4-580F-432D-AADC-65A2A92CEBC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "F1E1A8F3-5A63-401E-9BDA-ACCA30FF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "5C91517E-4C81-4D09-9FCB-B7AC769C7107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "8B276B96-66BE-4C09-BE9F-11FA7461CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "626E11CA-20EE-4AB0-84D7-8DAE7A9D8960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "FB006563-023B-4AC6-8A27-E41DE59758A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
"matchCriteriaId": "81C2C04D-D4BA-4C87-9609-C53AA63BFF19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "720419B2-5E62-4FE8-8A0E-A67436E9E3F5",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "47E3CD14-7C90-4ECF-BEB8-BCAD9EB5883B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "56A0449D-E87C-4BAC-AEB3-3C3DBEC1BFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "6559C549-49B6-4784-A30E-605A5632B7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B5802968-A12E-4938-B322-D1002F55D7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "91D354BB-6849-44B9-9E2A-0EEA66E4D9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
"matchCriteriaId": "646DDCA6-AAC4-4FA8-B9B5-51F88D4C001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "9A75A4C0-6B49-424B-BEC0-0E0AAEF877B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "03555D1A-9470-4227-B843-E6EF91A6BC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E8F98346-B755-4082-B873-21A9792C231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "569BD939-9AF4-4AF0-88F0-1055FBAF2D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "77D6F71D-F584-4920-8143-FEF374CED2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "9FEFE472-63A9-4D02-A674-2EFA4C781D25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "15CBCC05-5D20-4672-9BDD-879F8CB933FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF025086-5D88-4A56-ABFA-1FC2A6DC6060",
"versionEndIncluding": "r28.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "723DE1EC-F44A-4362-B885-835784FA7B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192167A3-A4D7-49D1-B21B-DC064E6CBE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D9DF02-2882-4AFF-AB72-A22C648AAB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5D8200-370E-4428-B124-05E1B1C35DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC02DC7-6076-4BBF-B384-DC02F5FA788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93AB3E3F-7DC6-4196-974F-5E16F404E3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3AAA87-E27E-44E7-9148-37CC05966595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la disponibilidad a trav\u00e9s de vectores relacionados con JAXP."
}
],
"evaluatorComment": "Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\n\n\u0027Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.\u0027",
"id": "CVE-2013-5825",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T17:55:05.757",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/63101"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/63101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19046"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-17 11:17
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8E9E72-0EA1-4595-957C-233BD096361C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADC20AB-059F-4AC3-955E-40C2912567BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update65:*:*:*:*:*:*",
"matchCriteriaId": "D45936B7-1B87-48DC-9107-251AE67FAAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "55DD4CE6-1308-473C-AEB3-21E0BF8DAF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "B3D836B0-936A-445F-A08F-C962FC8B91EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "242A511F-2297-41CD-8C85-D7ADF8F7A520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update65:*:*:*:*:*:*",
"matchCriteriaId": "DD44ADE7-AF7D-400B-8175-20DCDB5EAC7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "22A77F67-59C1-447E-B68B-BF5D9EDB1437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "A85E8DD9-9B00-4C7E-802D-6E6A1BD3B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "EC475CE8-9480-46FE-8005-BDD4F97EA872",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to \"Diffie-Hellman key agreement.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u65, 6u75, 7u60, y 8u5, y JRockit R27.8.2 y R28.3.2, permite a atacantes remotos afectar a la confidencialidad y la integridad a trav\u00e9s de vectores desconocidos relacionados con el \u0027Acuerdo de Claves Diffie-Hellman\u0027"
}
],
"evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html\n\n\"Applies to Diffie-Hellman key agreement in client and server deployment of Java.\"",
"id": "CVE-2014-4263",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-17T11:17:10.953",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/58830"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59404"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59503"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59680"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59924"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59985"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59986"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59987"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60002"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60031"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60032"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60081"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60129"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60180"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60245"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60317"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60326"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60335"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60485"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60497"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60622"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60812"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60817"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60831"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60839"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60846"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60890"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61215"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61254"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61264"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61278"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61293"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61294"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61469"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61577"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61640"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61846"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/62314"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/62319"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21681644"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/68636"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1030577"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94606"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083"
},
{
"source": "secalert_us@oracle.com",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/58830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60831"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21681644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:03
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Libraries). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171, 7u161, 8u152 y 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos de esta vulnerabilidad pueden resultar en un acceso de lectura sin autorizaci\u00f3n a un subconjunto de datos accesibles de Java SE, JRockit y Java SE Embedded. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 3.7 (impactos en la confidencialidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)."
}
],
"id": "CVE-2018-2579",
"lastModified": "2024-11-21T04:03:58.473",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:18.227",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102663"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-15 15:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ED5A7D-7C5F-494B-B71F-136FC4F60F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "091F8337-0581-4C70-85F2-4FB68087FE70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update_71:*:*:*:*:*:*",
"matchCriteriaId": "ABFFC778-4647-464C-8D4B-C5FFF9A8B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update81:*:*:*:*:*:*",
"matchCriteriaId": "A96B7B6D-890C-4CAF-A273-01E17D3FDBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "B3D836B0-936A-445F-A08F-C962FC8B91EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update67:*:*:*:*:*:*",
"matchCriteriaId": "FCF8778E-09C0-4569-A06F-91B6BC9ABFA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "1F19BFEB-7202-4156-893E-576486FCCA63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update_71:*:*:*:*:*:*",
"matchCriteriaId": "2537DFD3-4ACE-4448-964A-18CE2B8C71BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*",
"matchCriteriaId": "6D7DEDD2-FEF2-4FEC-B9BF-C1C3FA247A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*",
"matchCriteriaId": "CE789D26-302F-44CF-AF63-EA0BA73E49E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "A85E8DD9-9B00-4C7E-802D-6E6A1BD3B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "D776872E-A50A-498D-A68B-84DD910ED429",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Oracle Java SE 5.0u71, 6u81, 7u67, y 8u20; Java SE Embedded 7u60; y JRockit R27.8.3, y R28.3.3 permite a atacantes remotos afectar la confidencialidad y la integridad a trav\u00e9s de vectores relacionados con JSSE."
}
],
"id": "CVE-2014-6457",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-15T15:55:07.790",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60414"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60416"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60417"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61018"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61020"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61143"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61163"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61164"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61346"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61609"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61629"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61631"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61635"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61928"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/70538"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-19 02:29
Modified
2025-05-06 15:15
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 10 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 10 | |
| oracle | jrockit | r28.3.17 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| schneider-electric | struxureware_data_center_expert | * | |
| hp | xp7_command_view | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "5B9A0DD9-878D-42E8-AA57-283E5D1E0A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A396-AF98-46BD-8B73-8CAC02BF12B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "4009C7E0-94C7-4838-94CF-5607D7C575CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0231D6-CA6A-4F76-997A-93AFB840CAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "DD3B3C9B-A53B-4921-8F5F-FF118283D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "038F6540-6674-4D7A-9A70-A62B0F3C9A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "0F88A87F-D142-4FFD-8121-52FC9A4B70E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:10:*:*:*:*:*:*:*",
"matchCriteriaId": "095351DA-F50B-4BAF-A4EF-A9C1F8E40E12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9A13AA87-5F14-4728-B317-17C3A782FA34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:-:*:*:*:advanced:*:*:*",
"matchCriteriaId": "0F572462-50D0-4567-8C72-4A9C3054EDCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Serialization). Las versiones compatibles que se han visto afectadas son JavaSE: 6u181, 7u171, 8u162 y 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2815",
"lastModified": "2025-05-06T15:15:56.130",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2018-04-19T02:29:04.630",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103848"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Libraries). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171, 7u161, 8u152 y 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 4.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2663",
"lastModified": "2024-11-21T04:04:11.090",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:22.007",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102662"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-23 11:03
Modified
2025-04-11 00:51
Severity ?
Summary
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A18121C3-F3F1-4EC7-A64E-3F6A0C9788C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD59912-7325-4AE1-ACCF-D4F804AF3947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62783157-E3B6-4A23-8D2F-1FBD0762E9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14CC0D53-8AB8-4D44-82BB-0E6A974C36AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A3129F-17A6-4F32-BD5D-34E4A1D1A840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2845FF4-2620-4B8D-96CF-CC26B3DEA3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7CD279-54B6-4F6B-AE14-299FB319C690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA269CA-4676-4008-89EF-20FAB89886A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D22105B6-1378-4E1C-B28A-FCAE00A2D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "601762D3-1188-4945-931D-EB8DAC2847A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4A30A6-498C-46B8-8EFC-45EB13354EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "414CC00A-C797-4C34-8709-75DC061DCDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4401B967-0550-44F1-8753-9632120D2A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4961693D-F56C-46CD-B721-6A15E2837C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4FBB66-CF6A-42D2-B122-1861F4139E75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25C58BBA-06AC-40CD-A906-FD1B3B0AAB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C5B430-EE11-4674-B4B0-895D66E3B32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1837D84-6B4F-40D8-9A3F-71C328F659BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D20A369B-2168-4883-A84C-BB48A71AFB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3628AAB4-E524-46E5-AAF4-1980256F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30DC9FE3-CDE9-4F83-989B-4E431BA18B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17B1C6B-04CE-49FB-B9BD-98ECD626B26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81F529EB-2BCA-4E3E-93E4-2A9880CDA367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEAC3D6-F9F8-4F82-9BF1-FF0EC07A3274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7694638C-CDAC-44DF-B9F9-F7237CD98017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23903A3C-1760-4836-BAE6-BDD32CBB4CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2477E033-D26B-4D71-839B-5FE4B0927559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CAB7BF-265E-411D-A584-E78DE171F065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E45F670-232F-4CE5-8926-6463E5619506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B70E6E3-15B3-4D48-AE49-B9184A58EECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5BCE3FD-B89B-4141-8103-9DB941AD60D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EADFB3B-738F-4919-B165-9ECEED46EA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B23A5431-E599-4848-AB83-B299898F5EF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "04C71221-E477-4DF8-B10A-3AC64511E4EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "FF7DE0E6-F329-417B-8035-B4EBF9C97483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "220536FA-695D-4DE8-9813-494E3D061B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "ACB55CC5-0EC7-44B2-B5A9-A5B1EE584791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "4F6B5E73-6751-475A-B9BF-3414D3476208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "7CB654DC-1D3D-4475-8815-335AC573F54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF26274E-5364-4FC1-9603-A78C365596DB",
"versionEndIncluding": "r27.7.6",
"versionStartIncluding": "r27.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "583E7A18-48C5-4AEE-A9C1-239D678E275A",
"versionEndIncluding": "r28.2.8",
"versionStartIncluding": "r28.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CF65201D-8980-450A-A542-3B5473A6F374",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E51D5AEF-B3D4-4782-9988-BC1DB3F3F296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E179FC2F-C700-4998-9D7A-3B945874CAC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2341D5E7-15CD-4C8F-ABE8-AA915BFA2804",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "474DC3BA-27F2-452A-85AD-BCC476EDD35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "997CA07C-EBB7-4D7F-AF23-A161817BF4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFE87FC-7B77-4840-8185-1707CB37323B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C77DD8B3-A227-4350-8699-FEC822119393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA56704-18EB-4F3B-A36F-BCEF67B07C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "420CC5FF-0300-4FA7-AB53-78C1A0B83C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B7132A0E-C2A1-403E-9516-A6911563D7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA797-ED68-426E-9370-E16C90075E01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2F6EF3-721A-43AB-AAFD-BE3EEDB0AA61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*",
"matchCriteriaId": "F5027746-8216-452D-83C5-2F8E9546F2A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "40363692-5283-4D0C-BAE1-C049C02A0294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F805BA3A-178D-416E-9DED-4258F71A17C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:sterling_file_gateway:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A40AC14-AC2B-4A0D-A9CC-3A00B48D8975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:sterling_file_gateway:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1554D69E-D68E-46CA-B1F7-C24CAABF58E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C684FC45-C9BA-4EF0-BD06-BB289450DD21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*",
"matchCriteriaId": "F5027746-8216-452D-83C5-2F8E9546F2A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*",
"matchCriteriaId": "4339DE06-19FB-4B8E-B6AE-3495F605AD05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*",
"matchCriteriaId": "3CF5C5B9-2CB9-4CD8-B94F-A674ED909CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_java:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "252CF7A7-3FEB-4503-AEE8-B67139C5B0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_java:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "79D7DBBA-6849-45F7-AFEF-C765569C481A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_sdk:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2C634990-2690-4E3B-B21F-6687A6A34644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_sdk:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "73B7BC23-6CCA-41B2-8F61-EDB95F1AFB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
"matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*",
"matchCriteriaId": "88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*",
"matchCriteriaId": "DB4D6749-81A1-41D7-BF4F-1C45A7F49A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:xerces2_java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CFD62E4-794A-43C0-8C65-A44D970D1569",
"versionEndExcluding": "2.12.0",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
},
{
"lang": "es",
"value": "XMLscanner.java en Apache Xerces2 Java Parser, en versiones anteriores a la 2.12.0, tal y como se emple\u00f3 en Java Runtime Environment (JRE) en IBM Java, en versiones 5.0 anteriores a la 5.0 SR16-FP3, 6 anteriores a la 6 SR14, 6.0.1 anteriores a la 6.0.1 SR6 y 7 anteriores a la 7 SR5, as\u00ed como en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, Java SE Embedded 7u40 y anteriores y, posiblemente, otros productos, permite que los atacantes remotos realicen una denegaci\u00f3n de servicio (DoS) mediante vectores relacionados con los nombres de atributo XML."
}
],
"id": "CVE-2013-4002",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-23T11:03:19.790",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/56257"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/61310"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
},
{
"source": "psirt@us.ibm.com",
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"source": "psirt@us.ibm.com",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "psirt@us.ibm.com",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "psirt@us.ibm.com",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/56257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/61310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-16 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| canonical | ubuntu_linux | 14.04 | |
| oracle | jrockit | r27.8.1 | |
| oracle | jrockit | r28.3.1 | |
| juniper | junos_space | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| ibm | forms_viewer | * | |
| ibm | forms_viewer | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFBC2BA-94F8-4D3B-9C70-3E9FA1F6E0AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81434638-A069-4828-99FD-EEBAC3EB41CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B258D4C-2CAA-4493-8C35-E8A641A4FB14",
"versionEndExcluding": "15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "086781C9-08D6-4268-AEB4-F60365F51562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "DDD27C84-32AD-47CC-B47B-7FBA1321E717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "3343969B-2926-4C55-8787-792ABF6429D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F906BFD6-7654-46C5-8240-3A50949CAE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "E80738D2-3CE2-4EB6-AE4C-F90C2C93BFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "78BC97BC-F745-45E0-8749-41535F7C374E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "4DA64EFB-8416-4A0B-91B5-F02CC1A79D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CA226495-4733-485A-9D53-85874434815D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "745E0942-12A9-49B3-851C-ED67F047BCEB",
"versionEndExcluding": "4.0.0.3",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5452C9C6-D761-4E3D-B7CF-C0AC55D08650",
"versionEndExcluding": "8.0.1.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u71, 7u51, y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Hotspot."
}
],
"id": "CVE-2014-0456",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-16T01:55:09.773",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66877"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-19 17:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "7037AEF9-403D-43EC-ABBB-B46619241586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "B781F1F7-DE18-41F7-83C1-8690B0884DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*",
"matchCriteriaId": "6D36F2A6-1329-4D74-BADC-C22D46CF7CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "270968EC-7662-41E1-BA9B-D259BEC53A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "D53D6C3C-C8F3-4FF4-AE9C-1BFF14E74EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "71219100-B476-4062-A40A-13F1B8C7DAED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*",
"matchCriteriaId": "FCC055BA-0D21-4D2B-AC9B-B81B8468860C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66910F84-DDFD-4BA8-BE7F-44EB5E3F9C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "66CB92D2-A529-4912-9D59-40EAC3F5D674",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*",
"matchCriteriaId": "280520BC-070C-4423-A633-E6FE45E53D57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*",
"matchCriteriaId": "1AEFF829-A8F2-4041-8DDF-E705DB3ADED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "6BF60DAD-DAA2-4543-B82E-8E17F7B1DA06",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Serialization). Las versiones compatibles que se han visto afectadas son Java SE: 6u161, 7u151, 8u144 y 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2017-10281",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-19T17:29:02.107",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/101378"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/101378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-27 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6:update_131:*:*:*:*:*:*",
"matchCriteriaId": "B1384D79-F9DA-44C5-A3C9-3CCE627B2255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "92EF1E3B-6EF8-499A-84EA-D7792B181CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "73185AEF-8CB1-4728-9E99-D0D2A3419D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "BEB76EC4-557F-4C67-BE1E-79E837043B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6:update_131:*:*:*:*:*:*",
"matchCriteriaId": "C747C39A-145E-4648-99C2-0A8C7BA77F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "706F9471-3647-4D13-B794-4F53700091F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "1ED8B5A9-E738-430E-9FC6-206DFC98B965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "4AA3E574-DC5D-465B-95B8-CD1AF5433646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1A57E9-0134-466F-B8EE-9E38A844F865",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Java SE, Java SE Embedded, JRockit de Oracle Java SE (Subcomponente: 2D). Versiones compatibles que est\u00e1n afectadas son Java SE: 6u131, 7u121 y 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Vulnerabilidad f\u00e1cilmente explotable permite a atacantes no autenticados con acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometer Java SE, Java SE Embedded, JRockit. Ataques exitosos de esta vulnerabilidad pueden resultar en a capacidad no autorizada para causar un bloqueo o frecuencia de bloqueo repetido (DOS completo) de Java SE, Java SE Embedded, JRockit. Nota: Aplica a la implementaci\u00f3n de cliente y servidor de Java. Esta vulnerabilidad puede ser explotada a trav\u00e9s de aplicaciones Java Web Start y applets Java aislados. Tambi\u00e9n puede ser explotada suministrando datos de APIs en el componente especificado sin utilizar aplicaciones Java Web Start o applets Java aislados, como por ejemplo mediante un servicio web. CVSS v3.0 Base Score 7.5 (Impactos de Disponibilidad)."
}
],
"id": "CVE-2017-3253",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-27T22:59:02.727",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95498"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:03
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: LDAP). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171, 7u161, 8u152 y 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante con pocos privilegios que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos de esta vulnerabilidad pueden resultar en un acceso de lectura sin autorizaci\u00f3n a un subconjunto de datos accesibles de Java SE, JRockit y Java SE Embedded. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 4.3 (impactos en la confidencialidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
}
],
"id": "CVE-2018-2588",
"lastModified": "2024-11-21T04:03:59.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:18.600",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102661"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-19 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 10 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 10 | |
| oracle | jrockit | r28.3.17 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| hp | xp7_command_view | * | |
| schneider-electric | struxureware_data_center_expert | * | |
| apache | xerces-j | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A396-AF98-46BD-8B73-8CAC02BF12B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "4009C7E0-94C7-4838-94CF-5607D7C575CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0231D6-CA6A-4F76-997A-93AFB840CAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "038F6540-6674-4D7A-9A70-A62B0F3C9A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "0F88A87F-D142-4FFD-8121-52FC9A4B70E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:10:*:*:*:*:*:*:*",
"matchCriteriaId": "095351DA-F50B-4BAF-A4EF-A9C1F8E40E12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9A13AA87-5F14-4728-B317-17C3A782FA34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "87D4ED85-90F6-47E6-BF08-3595DB22C7B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:xerces-j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F33C2357-B184-4B52-9371-64A45FE0CE23",
"versionEndExcluding": "2.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JAXP). Las versiones compatibles que se han visto afectadas son JavaSE: 7u171, 8u162 y 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2799",
"lastModified": "2024-11-21T04:04:29.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-19T02:29:03.880",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103872"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/b53d4601ecd9ec63c799dbe1bc5b78e0d52f4cef429da2dfe63cf06d%40%3Cfop-dev.xmlgraphics.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r449b5d89c7b2ba3762584cf6c38e01867d4b24706e023cf2a9911307%40%3Cuser.spark.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/b53d4601ecd9ec63c799dbe1bc5b78e0d52f4cef429da2dfe63cf06d%40%3Cfop-dev.xmlgraphics.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r449b5d89c7b2ba3762584cf6c38e01867d4b24706e023cf2a9911307%40%3Cuser.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-19 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | jdk | 1.7.0 | |
| sun | jre | 1.7.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| sun | jdk | * | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jre | * | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jdk | * | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jre | * | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jdk | * | |
| sun | jdk | 1.4.2 | |
| sun | jdk | 1.4.2_1 | |
| sun | jdk | 1.4.2_2 | |
| sun | jdk | 1.4.2_3 | |
| sun | jdk | 1.4.2_4 | |
| sun | jdk | 1.4.2_5 | |
| sun | jdk | 1.4.2_6 | |
| sun | jdk | 1.4.2_7 | |
| sun | jdk | 1.4.2_8 | |
| sun | jdk | 1.4.2_9 | |
| sun | jdk | 1.4.2_10 | |
| sun | jdk | 1.4.2_11 | |
| sun | jdk | 1.4.2_12 | |
| sun | jdk | 1.4.2_13 | |
| sun | jdk | 1.4.2_14 | |
| sun | jdk | 1.4.2_15 | |
| sun | jdk | 1.4.2_16 | |
| sun | jdk | 1.4.2_17 | |
| sun | jdk | 1.4.2_18 | |
| sun | jdk | 1.4.2_19 | |
| sun | jdk | 1.4.2_20 | |
| sun | jdk | 1.4.2_21 | |
| sun | jdk | 1.4.2_22 | |
| sun | jdk | 1.4.2_23 | |
| sun | jdk | 1.4.2_24 | |
| sun | jdk | 1.4.2_25 | |
| sun | jdk | 1.4.2_26 | |
| sun | jdk | 1.4.2_27 | |
| sun | jdk | 1.4.2_28 | |
| sun | jdk | 1.4.2_29 | |
| sun | jdk | 1.4.2_30 | |
| sun | jdk | 1.4.2_31 | |
| sun | jdk | 1.4.2_32 | |
| sun | jre | * | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2_1 | |
| sun | jre | 1.4.2_2 | |
| sun | jre | 1.4.2_3 | |
| sun | jre | 1.4.2_4 | |
| sun | jre | 1.4.2_5 | |
| sun | jre | 1.4.2_6 | |
| sun | jre | 1.4.2_7 | |
| sun | jre | 1.4.2_8 | |
| sun | jre | 1.4.2_9 | |
| sun | jre | 1.4.2_10 | |
| sun | jre | 1.4.2_11 | |
| sun | jre | 1.4.2_12 | |
| sun | jre | 1.4.2_13 | |
| sun | jre | 1.4.2_14 | |
| sun | jre | 1.4.2_15 | |
| sun | jre | 1.4.2_16 | |
| sun | jre | 1.4.2_17 | |
| sun | jre | 1.4.2_18 | |
| sun | jre | 1.4.2_19 | |
| sun | jre | 1.4.2_20 | |
| sun | jre | 1.4.2_21 | |
| sun | jre | 1.4.2_22 | |
| sun | jre | 1.4.2_23 | |
| sun | jre | 1.4.2_24 | |
| sun | jre | 1.4.2_25 | |
| sun | jre | 1.4.2_26 | |
| sun | jre | 1.4.2_27 | |
| sun | jre | 1.4.2_28 | |
| sun | jre | 1.4.2_29 | |
| sun | jre | 1.4.2_30 | |
| sun | jre | 1.4.2_31 | |
| sun | jre | 1.4.2_32 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "893B13BC-9448-4AFD-BCC4-F289A523949B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD3FC81B-4E54-44D8-8118-1E256FE619E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE4B7CD-9510-4EA2-85A0-3266DB0D6082",
"versionEndIncluding": "r28.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update_27:*:*:*:*:*:*",
"matchCriteriaId": "9F67F2BE-367C-4700-AE28-DA082325FF9D",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*",
"matchCriteriaId": "ECEDE405-CEF6-4E52-A8AE-28B9274B2289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_23:*:*:*:*:*:*",
"matchCriteriaId": "B5559C2B-9A93-4EFC-BE31-32C9ADD4D5F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_24:*:*:*:*:*:*",
"matchCriteriaId": "029E1F1D-2A77-4258-9D4F-6D31E827DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_25:*:*:*:*:*:*",
"matchCriteriaId": "0D2F2BE2-3022-4DC9-8505-F597F8CE1192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_26:*:*:*:*:*:*",
"matchCriteriaId": "A44CCE27-EE9F-4A66-B65A-24D015CE2764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update_27:*:*:*:*:*:*",
"matchCriteriaId": "3FB18875-CC4B-49AC-B038-44824BECBB7E",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*",
"matchCriteriaId": "188D2242-7D16-4F8E-AB61-4663804AAC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_23:*:*:*:*:*:*",
"matchCriteriaId": "40271AA6-B0E7-461D-8903-414FE4E7109D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_24:*:*:*:*:*:*",
"matchCriteriaId": "2231339D-4DF9-43CA-BC63-BD1EE1C17759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_25:*:*:*:*:*:*",
"matchCriteriaId": "A67ACAEB-D1B4-42C7-BEEC-8B5D8AFEBCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_26:*:*:*:*:*:*",
"matchCriteriaId": "342D28DD-2AF4-489F-BAC7-29745C153726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update31:*:*:*:*:*:*",
"matchCriteriaId": "3CF9A144-2F2C-4E04-A474-45EE2074B5B9",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
"matchCriteriaId": "646DDCA6-AAC4-4FA8-B9B5-51F88D4C001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "9A75A4C0-6B49-424B-BEC0-0E0AAEF877B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "03555D1A-9470-4227-B843-E6EF91A6BC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E8F98346-B755-4082-B873-21A9792C231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "569BD939-9AF4-4AF0-88F0-1055FBAF2D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "77D6F71D-F584-4920-8143-FEF374CED2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update31:*:*:*:*:*:*",
"matchCriteriaId": "019C8A1B-75CF-4639-BD68-AE431CC356D7",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A54FCC-F062-402B-ABCB-E8421BF5A265",
"versionEndIncluding": "1.4.2_33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E5ACCC-F82F-42F8-860A-92765D0F0B28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9CA652-9B8C-4175-9ED8-71F441ADF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "93B973CB-25CE-4CA4-A4F8-577ED9ACEFEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "00F66ED4-F74A-4F61-B01C-122DC98D5324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "7321A75D-AC6E-486E-8911-AF66A992C8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D70B8B14-B4A2-4D05-B999-E2840A2365E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EDC5EB-2E48-462E-BA0B-217BC470DFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1D44C4-E43A-4D63-A5C9-76E885D3B436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "52E30E1D-2766-4E79-B9C7-7B998E23A49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9872BC-5A24-4855-8D01-4C43BBF5C265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "E94D13A6-E832-4BDF-8AF2-A4E0EF7DCBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5EFE8C-B098-460C-AFE5-C5A938599F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "040AD56D-A0B7-4AF7-AF3D-4B4BD802516D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F7DF1-E117-4FD4-9A63-D05747727D01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "D63DF43C-4781-4E0F-89C4-0BFC841A0488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "6D29842F-2185-46C5-8091-23ECB06CB680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF285D8-6E75-4932-A28B-639DA07F1124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_17:*:*:*:*:*:*:*",
"matchCriteriaId": "817C3737-F625-4EE9-BB5C-D4B624EF0DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_18:*:*:*:*:*:*:*",
"matchCriteriaId": "3A152C0A-65CE-438D-8B53-32D1EFC019F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_19:*:*:*:*:*:*:*",
"matchCriteriaId": "BA8DEFA1-AAA4-4AA2-859F-257B9B4D2B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_20:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D4AA46-B38D-4A80-A36F-979FA1EAB35E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_21:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E3A6C-2C32-40D6-9158-A5C6EDF6634A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_22:*:*:*:*:*:*:*",
"matchCriteriaId": "61D91803-E776-40E9-9038-300CBEDE951E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_23:*:*:*:*:*:*:*",
"matchCriteriaId": "933B79BF-1243-43CC-BD05-23DB0FD51B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_24:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6131D2-AB88-44EB-811C-A860647ED897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_25:*:*:*:*:*:*:*",
"matchCriteriaId": "20E63A14-0C67-42E7-9AA2-9FE32D82E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_26:*:*:*:*:*:*:*",
"matchCriteriaId": "59876E98-38A8-4179-AF7B-2189986CA79B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_27:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AE3C30-E7B7-422F-9E8C-496E12D8E5D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_28:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5D0A7E-3B1A-4FA9-9C6B-4F594DDC94AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_29:*:*:*:*:*:*:*",
"matchCriteriaId": "B07C6273-0863-405F-B086-2102DDE6B119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_30:*:*:*:*:*:*:*",
"matchCriteriaId": "396C5B70-314F-4FBF-BEA8-A254F83F3634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_31:*:*:*:*:*:*:*",
"matchCriteriaId": "1B930117-97F7-4DBC-A801-34B32B6D3374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_32:*:*:*:*:*:*:*",
"matchCriteriaId": "FF500A3A-724D-498F-BC25-E2A0E22D0915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCE2D17-1134-47F0-8A50-05618F7D2DD2",
"versionEndIncluding": "1.4.2_33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63978872-E797-4F13-B0F9-98CB67D0962A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEAB662-644A-4D7B-8237-64142CF48724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9598A49-95F2-42DB-B92C-CD026F739B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "D011585C-0E62-4233-85FA-F29A07D68DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "F226D898-F0E8-41D8-BF40-54DE9FB5426D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE28C283-447A-4F83-B96B-69F96E663C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5187B1-CB86-48E8-A595-9FCFD9822C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "6C660DE4-543A-4E9B-825D-CD099D08CBD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "318719C9-7B01-4021-B2EF-8341254DFE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8FA9BA-51CA-4473-9FE1-9A32FB8C8041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5E64B6-77DA-44BC-B646-AE01041B1830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA35E80-9E0E-4A26-B631-A61542BE4739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEB5367-1BB8-4ED3-8C04-ABA6BAA5AD10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*",
"matchCriteriaId": "BED9E7C8-0418-4733-A496-61CCFD638859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*",
"matchCriteriaId": "6566CE32-E042-424A-893B-C8A9E26E2869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*",
"matchCriteriaId": "B760192E-7193-4FEF-8FFA-680AC89D45A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*",
"matchCriteriaId": "1C020210-8EBA-41D2-BE4A-962CD902857C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_25:*:*:*:*:*:*:*",
"matchCriteriaId": "076444F1-543E-4061-9D39-415A1A889F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_26:*:*:*:*:*:*:*",
"matchCriteriaId": "B29C4AA1-30F8-4AA3-A8B5-4125CF9B66F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_27:*:*:*:*:*:*:*",
"matchCriteriaId": "45BD257F-4310-44C7-A304-2F174FA93C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_28:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7B39AB-4B2E-40A2-9FB9-0E209DC7F24F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_29:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF9D788-1A3A-4988-8C7B-AFF0E81C68CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_30:*:*:*:*:*:*:*",
"matchCriteriaId": "50B3174A-58BB-469D-BB32-D503DBE58832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_31:*:*:*:*:*:*:*",
"matchCriteriaId": "2F82BE05-5170-4F9B-ADE8-935F5BC1BABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_32:*:*:*:*:*:*:*",
"matchCriteriaId": "DD793765-DA0B-422C-BD31-DA48A8F6EC7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE JDK y JRE 7, 6 Update 27 y versiones anteriores, 5.0 Update 31 y versiones anteriores, 1.4.2_33 y versiones anteriores y JRockit R28.1.4 y versiones anteriores permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad, relacionada con RMI, una vulnerabilidad diferente a CVE-2011-3557."
}
],
"id": "CVE-2011-3556",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-10-19T21:55:01.613",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/76505"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/48308"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/48692"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/49198"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/50231"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70837"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14316"
},
{
"source": "secalert_us@oracle.com",
"url": "https://www.kb.cert.org/vuls/id/597809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/76505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/49198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.kb.cert.org/vuls/id/597809"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-17 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware R27.7.4 and earlier and R28.2.6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this might be a duplicate of CVE-2013-1537 and CVE-2013-2415. If so, then CVE-2013-2380 might be REJECTed in the future.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | fusion_middleware | - | |
| oracle | jrockit | * | |
| oracle | jrockit | * | |
| oracle | jrockit | r27.1 | |
| oracle | jrockit | r27.2 | |
| oracle | jrockit | r27.3 | |
| oracle | jrockit | r27.3.1 | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| oracle | jrockit | r28.1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:fusion_middleware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1828F4F0-FB4B-4E19-9F6D-77E7D017A21D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53150C54-F2BB-491C-A8C8-AD4C74BD07C7",
"versionEndIncluding": "r27.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67958DB2-50AD-4F2A-91AB-CC8623DD7935",
"versionEndIncluding": "r28.2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4873B9FF-0BA4-45AE-834A-C23AE80A2B48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39274558-2ECB-43CE-BAEF-DBD3AAC1BD05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.3:*:*:*:*:*:*:*",
"matchCriteriaId": "72DA7B82-EC3B-4458-B040-6F9D1AE23DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "267F16DF-D868-4DD9-8670-01AC3CBCE716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "723DE1EC-F44A-4362-B885-835784FA7B56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware R27.7.4 and earlier and R28.2.6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this might be a duplicate of CVE-2013-1537 and CVE-2013-2415. If so, then CVE-2013-2380 might be REJECTed in the future."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Oracle JRockit en Oracle Fusion Middleware R27.7.4 y anteriores y R28.2.6 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos. NOTA: este podr\u00eda ser un duplicado de CVE-2013-1537 y CVE-2013-2415. Si es as\u00ed, CVE-2013-2380 podr\u00eda ser rechazado en el futuro."
}
],
"evaluatorComment": "1.Oracle released a Java SE Critical Patch Update on April 16, 2013 to address multiple vulnerabilities affecting the Java Runtime Environment. Oracle CVE-2013-2380 refers to the advisories that are applicable to JRockit from the Java SE Critical Patch Update. The CVSS score of this vulnerability CVE# reflects the highest among those fixed in JRockit. The complete list of all vulnerabilities addressed in JRockit under CVE-2013-2380 is as follows: CVE-2013-1537 and CVE-2013-2415.\r\n",
"id": "CVE-2013-2380",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-17T17:55:06.143",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-16 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "228C7B8D-18EE-444A-8067-6C222844FB8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*",
"matchCriteriaId": "2755C397-75DF-4110-8C8A-05EFDFFF9BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "D084DBE9-BF2F-4A9B-8FDE-A9A608E6B40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*",
"matchCriteriaId": "18FB6138-2B3D-4C4B-8647-3D1646165641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*",
"matchCriteriaId": "49B3533A-57B1-4EDA-9434-D75AE837F2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "914D54AC-EAAE-4A01-BA88-7F245BDA47C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*",
"matchCriteriaId": "33DD9C2A-9C6E-407B-8110-2EC7906DE036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*",
"matchCriteriaId": "88FA3ACA-B2FC-4D9C-B67E-35272514FB84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*",
"matchCriteriaId": "17B87292-EDBB-4D5A-8874-7405F040FAA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*",
"matchCriteriaId": "366E2702-633C-4D4C-ACF8-4CBEC66719F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*",
"matchCriteriaId": "8CFE55B4-9A07-4E88-98AC-8345243AEF79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45; JRockit R28.3.6; y Java SE Embedded 7u75 y 8u33, permite a atacantes remotos afectar la disponibilidad a trav\u00e9s de vectores relacionados con JNDI."
}
],
"evaluatorComment": "Per Advisory: \u003ca href=\"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html\"\u003eApplies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.\u003c/a\u003e",
"id": "CVE-2015-4749",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-16T11:00:43.860",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/75890"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-16 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "228C7B8D-18EE-444A-8067-6C222844FB8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*",
"matchCriteriaId": "2755C397-75DF-4110-8C8A-05EFDFFF9BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "D084DBE9-BF2F-4A9B-8FDE-A9A608E6B40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*",
"matchCriteriaId": "18FB6138-2B3D-4C4B-8647-3D1646165641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*",
"matchCriteriaId": "49B3533A-57B1-4EDA-9434-D75AE837F2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "914D54AC-EAAE-4A01-BA88-7F245BDA47C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*",
"matchCriteriaId": "33DD9C2A-9C6E-407B-8110-2EC7906DE036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*",
"matchCriteriaId": "88FA3ACA-B2FC-4D9C-B67E-35272514FB84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*",
"matchCriteriaId": "17B87292-EDBB-4D5A-8874-7405F040FAA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*",
"matchCriteriaId": "366E2702-633C-4D4C-ACF8-4CBEC66719F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*",
"matchCriteriaId": "8CFE55B4-9A07-4E88-98AC-8345243AEF79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80 y 8u45; JRockit R28.3.6; y Java SE Embedded 7u75 y Embedded 8u33, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Security."
}
],
"id": "CVE-2015-4748",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-16T11:00:42.547",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/75854"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037732"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-19 17:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.0 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "7037AEF9-403D-43EC-ABBB-B46619241586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "B781F1F7-DE18-41F7-83C1-8690B0884DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*",
"matchCriteriaId": "6D36F2A6-1329-4D74-BADC-C22D46CF7CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "270968EC-7662-41E1-BA9B-D259BEC53A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "D53D6C3C-C8F3-4FF4-AE9C-1BFF14E74EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "71219100-B476-4062-A40A-13F1B8C7DAED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*",
"matchCriteriaId": "FCC055BA-0D21-4D2B-AC9B-B81B8468860C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66910F84-DDFD-4BA8-BE7F-44EB5E3F9C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "66CB92D2-A529-4912-9D59-40EAC3F5D674",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*",
"matchCriteriaId": "280520BC-070C-4423-A633-E6FE45E53D57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*",
"matchCriteriaId": "1AEFF829-A8F2-4041-8DDF-E705DB3ADED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "6BF60DAD-DAA2-4543-B82E-8E17F7B1DA06",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.0 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Networking). Las versiones compatibles que se han visto afectadas son Java SE: 6u161, 7u151, 8u144 y 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Aunque la vulnerabilidad est\u00e1 presente en Java SE, Java SE Embedded y JRockit, los ataques podr\u00edan afectar seriamente a productos adicionales. Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado de actualizaci\u00f3n, inserci\u00f3n o supresi\u00f3n de algunos de los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 4.0 (impactos en la integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N)."
}
],
"id": "CVE-2017-10295",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-19T17:29:02.420",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/101384"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/101384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-17 11:17
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update65:*:*:*:*:*:*",
"matchCriteriaId": "D45936B7-1B87-48DC-9107-251AE67FAAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "55DD4CE6-1308-473C-AEB3-21E0BF8DAF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "B3D836B0-936A-445F-A08F-C962FC8B91EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "242A511F-2297-41CD-8C85-D7ADF8F7A520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update65:*:*:*:*:*:*",
"matchCriteriaId": "DD44ADE7-AF7D-400B-8175-20DCDB5EAC7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "22A77F67-59C1-447E-B68B-BF5D9EDB1437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "A85E8DD9-9B00-4C7E-802D-6E6A1BD3B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "EC475CE8-9480-46FE-8005-BDD4F97EA872",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8E9E72-0EA1-4595-957C-233BD096361C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6ADC20AB-059F-4AC3-955E-40C2912567BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u65, 6u75, 7u60, y 8u5, y JRockit R27.8.2 y JRockit R28.3.2, permite a atacantes remotos afectar la confidencialidad e integridad a trav\u00e9s de vectores desconocidos relacionados con Security."
}
],
"evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html\n\n\"Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.\"",
"id": "CVE-2014-4244",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-17T11:17:10.140",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/58830"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59404"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59503"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59680"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59924"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59985"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59986"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59987"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60002"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60031"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60032"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60081"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60129"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60245"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60317"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60326"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60335"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60485"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60497"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60622"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60812"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60817"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60831"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60846"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60890"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61050"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61215"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61254"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61264"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61278"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61293"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61294"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61417"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61469"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61577"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61640"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61846"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/62314"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/68624"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1030577"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94605"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083"
},
{
"source": "secalert_us@oracle.com",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/58830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60831"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-15 16:08
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update55:*:*:*:*:*:*",
"matchCriteriaId": "3A3360E8-7FF0-41CF-A84A-06D498A97C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update55:*:*:*:*:*:*",
"matchCriteriaId": "F831C70D-2CD9-4579-9DED-D1BE6701965E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "45B89CBB-BF1F-4887-BD28-6D6FB77AD18A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A5226952-1972-4572-9F8C-C90D89040FD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "51A52105-35B8-4D16-88BE-D6F81BC7B0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C9394F13-201D-42BD-8B48-E4F9FEE41477",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update65:*:*:*:*:*:*",
"matchCriteriaId": "105B15BC-6764-41C3-847D-BA1396CC034F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update65:*:*:*:*:*:*",
"matchCriteriaId": "BBCFEADF-7282-4C56-813B-A5DEAD9BF17B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u55, 6u65 y 7u45; JRockit R27.7.7 y R28.2.9; y Java SE Embedded 7u45 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con 2D."
}
],
"evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html\n\n\"Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.\"",
"id": "CVE-2013-5907",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-15T16:08:06.487",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d29c19f1de1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/101995"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56432"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56485"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56486"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56487"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56535"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/64894"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915"
},
{
"source": "secalert_us@oracle.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d29c19f1de1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/101995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-15 22:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ED5A7D-7C5F-494B-B71F-136FC4F60F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "091F8337-0581-4C70-85F2-4FB68087FE70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update_71:*:*:*:*:*:*",
"matchCriteriaId": "ABFFC778-4647-464C-8D4B-C5FFF9A8B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update81:*:*:*:*:*:*",
"matchCriteriaId": "A96B7B6D-890C-4CAF-A273-01E17D3FDBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "B3D836B0-936A-445F-A08F-C962FC8B91EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update_71:*:*:*:*:*:*",
"matchCriteriaId": "2537DFD3-4ACE-4448-964A-18CE2B8C71BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*",
"matchCriteriaId": "6D7DEDD2-FEF2-4FEC-B9BF-C1C3FA247A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*",
"matchCriteriaId": "CE789D26-302F-44CF-AF63-EA0BA73E49E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "A85E8DD9-9B00-4C7E-802D-6E6A1BD3B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "D776872E-A50A-498D-A68B-84DD910ED429",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Oracle Java SE 5.0u71, 6u81, 7u67, y 8u20; Java SE Embedded 7u60; y JRockit R27.8.3 y JRockit R28.3.3 permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con la seguridad."
}
],
"id": "CVE-2014-6558",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-15T22:55:08.343",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60414"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60416"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60417"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61018"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61020"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61143"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61163"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61164"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61346"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61609"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61629"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61631"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61928"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/70544"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-24 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6:update_141:*:*:*:*:*:*",
"matchCriteriaId": "D344C52B-BE53-4CA0-A34F-7605F1291FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7:update_131:*:*:*:*:*:*",
"matchCriteriaId": "86A7546D-3372-41CA-9E12-03F93259934A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_121:*:*:*:*:*:*",
"matchCriteriaId": "265E9C6F-F7FD-4F11-A775-D4DFE449DEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6:update_141:*:*:*:*:*:*",
"matchCriteriaId": "0E710C31-C9F4-46BD-9377-19745C1B6F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7:update_131:*:*:*:*:*:*",
"matchCriteriaId": "2CAB36DB-1322-4979-9F93-C02122E8639C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_121:*:*:*:*:*:*",
"matchCriteriaId": "B40DE6E4-6F3B-4BF8-863A-5D8C4AE07E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FA90A3B9-9749-44F5-BAFC-40BA2BD37B43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Java SE de Oracle Java SE (subcomponente: AWT). Versiones compatibles que son afectadas son Java SE: 6u141, 7u131 y 8u121.Vulnerabilidad dificil de explotar permite a atacante autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos para comprometer Java SE. Los ataques exitosos requieren la interacci\u00f3n humana de una persona m\u00e1s que un atacante y mientras la vulnerabilidad est\u00e1 en Java SE, los ataques pueden afectar significativamente a otros productos. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en la adquisici\u00f3n de Java SE. Nota: Esta vulnerabilidad se aplica a las implementaciones de Java, normalmente en clientes que ejecutan aplicaciones de Java Web Start en modo sandbox o en applets de Java protegidos, que cargan y ejecutan c\u00f3digo no confiable (por ejemplo, c\u00f3digo que proviene del Internet) y conf\u00edan en el sandbox Java para seguridad. Esta vulnerabilidad no se aplica a implementaciones de Java, normalmente en servidores, que cargan y ejecutan s\u00f3lo c\u00f3digo de confianza (por ejemplo, c\u00f3digo instalado por un administrador). CVSS 3.0 Base Score 8.3 (Confidencialidad e integridad e Impactos de disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"id": "CVE-2017-3514",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-24T19:59:03.287",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97729"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201707-01"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-17 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this overlaps CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert_us@oracle.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | Third Party Advisory | |
| secalert_us@oracle.com | http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | Patch, Vendor Advisory | |
| secalert_us@oracle.com | http://www.securityfocus.com/bid/56050 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/56050 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAA9DBB-65F3-4AB4-84BA-564CFE237F3F",
"versionEndIncluding": "r27.7.3",
"versionStartIncluding": "r27.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "915752DD-B8A5-4E93-8D7E-A0159CB360CC",
"versionEndIncluding": "r28.2.4",
"versionStartIncluding": "r28.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this overlaps CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en el componente Oracle JRockit en Oracle Fusion Middleware v28.2.4 y anteriores, y v27.7.3 y versiones anteriores, cuando se utiliza JDK/JRE v5 o v6, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos. NOTE: esto solapa CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085."
}
],
"id": "CVE-2012-3202",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-10-17T00:55:02.667",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/56050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/56050"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "A3322D72-6B56-467E-90E5-5DCE0FA1F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "673DD72C-4FC8-406A-A24A-B06DD709649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A4022E33-B50C-4B0D-8485-F9091B6E57E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider:*:*:*:*:*:clustered_data_ontap:*:*",
"matchCriteriaId": "C57F75D8-DF7A-49D1-BB27-FF21661107B3",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider:6.0:*:*:*:*:clustered_data_ontap:*:*",
"matchCriteriaId": "74118415-7E65-4D4B-A5E8-51D17CE5B6EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "066C2961-E9C4-418E-82AF-1A7C35D5C085",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "C54F036F-C6F9-47B5-AFFA-DD3C1D08DD9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.2.2:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "88B2E009-A457-4C3D-A8CF-84B7F3E8DA90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:phoenixcontact:fl_mguard_dm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8556AADE-54E7-4D1B-A5AB-D37EF3B4962E",
"versionEndIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: 2D). Las versiones compatibles que se han visto afectadas son JavaSE: 6u151, 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones en sandbox Java Web Start y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2017-10053",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:01.773",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99842"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "228C7B8D-18EE-444A-8067-6C222844FB8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*",
"matchCriteriaId": "2755C397-75DF-4110-8C8A-05EFDFFF9BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "D084DBE9-BF2F-4A9B-8FDE-A9A608E6B40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*",
"matchCriteriaId": "18FB6138-2B3D-4C4B-8647-3D1646165641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*",
"matchCriteriaId": "49B3533A-57B1-4EDA-9434-D75AE837F2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "914D54AC-EAAE-4A01-BA88-7F245BDA47C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*",
"matchCriteriaId": "33DD9C2A-9C6E-407B-8110-2EC7906DE036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*",
"matchCriteriaId": "88FA3ACA-B2FC-4D9C-B67E-35272514FB84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*",
"matchCriteriaId": "17B87292-EDBB-4D5A-8874-7405F040FAA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*",
"matchCriteriaId": "366E2702-633C-4D4C-ACF8-4CBEC66719F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*",
"matchCriteriaId": "8CFE55B4-9A07-4E88-98AC-8345243AEF79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE en las versiones 6u95, 7u80 y 8u45, en JRockit R28.3.6 y en Java SE Embedded en las versiones 7u75y 8u33, permite a atacantes remotos afectar la confidencialidad a trav\u00e9s de vectores relacionados con la JCE."
}
],
"evaluatorComment": "Per Advisory: \u003ca href=\"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html\"\u003eApplies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.\u003c/a\u003e",
"id": "CVE-2015-2601",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-16T10:59:27.020",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/75867"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037732"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-06-18 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | * | |
| oracle | openjdk | 1.7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0381EE39-2F60-49FD-A63A-B9E81C9033CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "9AD75455-B7F0-4F42-98E7-CAA43787D606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "3BF0FD06-3953-49AB-A9AA-ACB6883E2D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "62823E8E-99CF-40DB-B43E-CBA4E9A2F916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "FEA04B0D-D4E3-497D-9564-046B1CDA2342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "AD3522AD-6CE5-43A3-A108-FBEEE4C226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B2F3B6EB-694F-44E9-9502-8487DCEC84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "1ED02C60-AD2E-4DAD-89DA-E978B6D6422A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C8723BA-8042-4E0B-94D5-558137D289E1",
"versionEndIncluding": "r27.7.5",
"versionStartIncluding": "r27.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CCF03EA-0C82-4B39-A995-DBF760864191",
"versionEndIncluding": "r28.2.7",
"versionStartIncluding": "r28.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:openjdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "662D4C81-DD97-4A36-8F15-CCE6ADA6456E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a \"Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 21 y versiones anteriores y 6 Update 45 y versiones anteriores; el componente Oracle JRockit en Oracle Fusion Middleware R27.7.5 y versiones anteriores y R28.2.7 y versiones anteriores; y OpenJDK 7 permite a atacantes remotos afectar a la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Libraries. NOTA: la informaci\u00f3n anterior es de la CPU de Junio y Julio de 2013. Oracle no ha comentado sobre la reclamaci\u00f3n de otro vendedor que este problema permite a atacantes remotos eludir firmas de verificaci\u00f3n de XML a trav\u00e9s de vectores relacionados con \"Falta de verificaci\u00f3n de [un] algoritmo de canonicalizaci\u00f3n DOMCanonicalizationMethod v\u00e1lido\"."
}
],
"evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html\n\n\u0027Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.\u0027",
"id": "CVE-2013-2461",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-18T22:55:02.727",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2013-0185.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/abe9ea5a50d2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/60645"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=975126"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16887"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19565"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2013-0185.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/abe9ea5a50d2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/60645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=975126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19582"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-16 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jrockit | r27.8.1 | |
| oracle | jrockit | r28.3.1 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| canonical | ubuntu_linux | 14.04 | |
| juniper | junos_space | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| ibm | forms_viewer | * | |
| ibm | forms_viewer | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFBC2BA-94F8-4D3B-9C70-3E9FA1F6E0AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81434638-A069-4828-99FD-EEBAC3EB41CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B258D4C-2CAA-4493-8C35-E8A641A4FB14",
"versionEndExcluding": "15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "086781C9-08D6-4268-AEB4-F60365F51562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "DDD27C84-32AD-47CC-B47B-7FBA1321E717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "3343969B-2926-4C55-8787-792ABF6429D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F906BFD6-7654-46C5-8240-3A50949CAE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "E80738D2-3CE2-4EB6-AE4C-F90C2C93BFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "78BC97BC-F745-45E0-8749-41535F7C374E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "4DA64EFB-8416-4A0B-91B5-F02CC1A79D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CA226495-4733-485A-9D53-85874434815D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "745E0942-12A9-49B3-851C-ED67F047BCEB",
"versionEndExcluding": "4.0.0.3",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5452C9C6-D761-4E3D-B7CF-C0AC55D08650",
"versionEndExcluding": "8.0.1.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Oracle Java SE 5.0u61, SE 6u71, 7u51, y 8; JRockit R27.8.1 y R28.3.1; y Java SE Embedded 7u51 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con las librer\u00edas."
}
],
"id": "CVE-2014-0457",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-16T01:55:09.820",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58974"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59058"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66866"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jrockit | * | |
| oracle | jrockit | r27.7.1 | |
| oracle | jrockit | r27.7.2 | |
| oracle | jrockit | r27.7.3 | |
| oracle | jrockit | r27.7.4 | |
| oracle | jrockit | r27.7.5 | |
| oracle | jdk | * | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| oracle | jre | * | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| oracle | jre | * | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | * | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| oracle | jrockit | r28.1.4 | |
| oracle | jrockit | r28.1.5 | |
| oracle | jrockit | r28.2.2 | |
| oracle | jrockit | r28.2.3 | |
| oracle | jrockit | r28.2.4 | |
| oracle | jrockit | r28.2.5 | |
| oracle | jrockit | r28.2.6 | |
| oracle | jdk | * | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "535FA154-AB3D-449E-94C4-DA2F023A57CD",
"versionEndIncluding": "r27.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C032857-3236-4300-8252-1ECA38C18FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4DFD492-029A-4560-AFC0-56187B0F9E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E78A93E-1600-41CE-A315-E50C00A8A2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422B920-B9E9-4CF6-8BAF-974CDA1ECEF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "63E65735-D861-4FEC-93B8-1769671E8B3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "CBCCEDA8-1984-4E88-A838-294CD3D12857",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0381EE39-2F60-49FD-A63A-B9E81C9033CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "9AD75455-B7F0-4F42-98E7-CAA43787D606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "3BF0FD06-3953-49AB-A9AA-ACB6883E2D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "62823E8E-99CF-40DB-B43E-CBA4E9A2F916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "FEA04B0D-D4E3-497D-9564-046B1CDA2342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "AD3522AD-6CE5-43A3-A108-FBEEE4C226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B2F3B6EB-694F-44E9-9502-8487DCEC84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "1ED02C60-AD2E-4DAD-89DA-E978B6D6422A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "CAF4D47A-1D98-43B3-B26E-B4AF7F08BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "1F3ECD7D-E0BF-45AB-80FA-9E6EAECF890F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "239B595E-6A76-4F56-BBED-8D3606156CF4",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "97A84689-0CED-404F-8DC3-708BEB37D2CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "738EC3E5-A4EB-47FE-9C9A-7C8E8C669765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "FF56E0D9-612D-4215-9C76-560AE0661A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "BA717604-4BB0-4968-B258-7C9F884016FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "AA71FCF4-580F-432D-AADC-65A2A92CEBC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "F1E1A8F3-5A63-401E-9BDA-ACCA30FF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "5C91517E-4C81-4D09-9FCB-B7AC769C7107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "8B276B96-66BE-4C09-BE9F-11FA7461CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "626E11CA-20EE-4AB0-84D7-8DAE7A9D8960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "FB006563-023B-4AC6-8A27-E41DE59758A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
"matchCriteriaId": "81C2C04D-D4BA-4C87-9609-C53AA63BFF19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "480E1DC3-A93D-4566-A87B-0147202273CF",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "2769B772-C54F-486D-AE21-1EFF237ED5BA",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "CC062AE6-515B-4D40-9B86-46F7A1D7FF1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "B4A2D725-A7DC-4802-A377-5C3963AD9941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "A3C6E1D8-B96E-40FB-9E66-9B3A5325E78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "F08A5AAD-84CA-491F-83D3-CEFFD16212E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A13547EA-EF77-493A-A863-F09E2AEE8BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "B7FC11BE-8CF7-4D45-BB4A-3EFA1DDBB10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "4C061911-FB19-45EB-8E88-7450224F4023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0E8009BC-F5A8-4D00-9F5F-8635475C6065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF025086-5D88-4A56-ABFA-1FC2A6DC6060",
"versionEndIncluding": "r28.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "723DE1EC-F44A-4362-B885-835784FA7B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192167A3-A4D7-49D1-B21B-DC064E6CBE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D9DF02-2882-4AFF-AB72-A22C648AAB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5D8200-370E-4428-B124-05E1B1C35DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC02DC7-6076-4BBF-B384-DC02F5FA788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93AB3E3F-7DC6-4196-974F-5E16F404E3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3AAA87-E27E-44E7-9148-37CC05966595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "5DE61035-9270-4CFE-A331-98D9203929F4",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "720419B2-5E62-4FE8-8A0E-A67436E9E3F5",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "47E3CD14-7C90-4ECF-BEB8-BCAD9EB5883B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "56A0449D-E87C-4BAC-AEB3-3C3DBEC1BFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "6559C549-49B6-4784-A30E-605A5632B7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B5802968-A12E-4938-B322-D1002F55D7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "91D354BB-6849-44B9-9E2A-0EEA66E4D9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
"matchCriteriaId": "646DDCA6-AAC4-4FA8-B9B5-51F88D4C001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "9A75A4C0-6B49-424B-BEC0-0E0AAEF877B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "03555D1A-9470-4227-B843-E6EF91A6BC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E8F98346-B755-4082-B873-21A9792C231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "569BD939-9AF4-4AF0-88F0-1055FBAF2D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "77D6F71D-F584-4920-8143-FEF374CED2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "9FEFE472-63A9-4D02-A674-2EFA4C781D25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "15CBCC05-5D20-4672-9BDD-879F8CB933FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, and Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la disponibilidad a trav\u00e9s de vectores relacionados con JGSS."
}
],
"evaluatorComment": "Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\n\n\u0027Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.\u0027",
"id": "CVE-2013-5803",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T17:55:05.207",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/63082"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018713"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/63082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18874"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-01-21 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jrockit | r27.8.4 | |
| oracle | jrockit | r28.3.4 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| novell | suse_linux_enterprise_desktop | 11.0 | |
| novell | suse_linux_enterprise_server | 12.0 | |
| opensuse | opensuse | 13.2 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "8C137033-B58D-47A1-B10E-97E161B9DBB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update85:*:*:*:*:*:*",
"matchCriteriaId": "B47EBED9-2DA8-4282-91B8-4F5BE586078B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "EB2429BA-65AE-4EC5-B6BC-3767651BEC35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*",
"matchCriteriaId": "D95925E1-5761-4CDD-80A0-52939ABF52F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "E87241E0-A296-4CAA-980A-FC572DAEB9F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "49A6100C-86B5-4180-8807-06FB211443AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "8B25BDB2-90A1-40EA-B1EE-CF1B731CE919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update85:*:*:*:*:*:*",
"matchCriteriaId": "A9FE9C93-6AE9-49E7-B908-DF85B21F7247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "36E6A798-78A6-498E-9668-D5D427890E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update72:*:*:*:*:*:*",
"matchCriteriaId": "E40DC6EF-6153-403A-BAA0-4425385F92DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "8A9B64C6-749E-4E98-9ACA-B715A13EA390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "FC4DE6A8-EFB0-480E-863E-BF49823321EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A02772D-DB3D-444B-AA9B-9367BE6FD677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39F11BE8-91C7-40ED-841E-6803E053F65D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A46AFB60-4775-48A9-81FA-5A54CEDA7625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Java SE, Java SE Embedded, JRockit en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25; Java SE Embedded 7u71 y 8u6; y JRockit R27.8.4 y R28.3.4 permite a atacantes remotos afectar la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con seguridad."
}
],
"evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\n\nApplies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.",
"id": "CVE-2015-0410",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-21T18:59:50.153",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/72165"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1031580"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100151"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"source": "secalert_us@oracle.com",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"source": "secalert_us@oracle.com",
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-10-21 23:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "27BBEF93-7B3E-48C5-84B8-606C6257F020",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*",
"matchCriteriaId": "3CB2A0A4-F70C-4161-9504-781E49925180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*",
"matchCriteriaId": "8D5A88F0-6F37-402F-8153-92B4D4083313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "E5D9CEF0-6DE9-4886-91B9-3AEDD6E5A24E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "5AB1B679-623A-4ADE-B235-A35EFCA0CC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*",
"matchCriteriaId": "9907A48A-6F6A-47C9-86AD-0834E1CB30E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*",
"matchCriteriaId": "63A5916F-9EDC-48E3-A3D3-9BF98CD5BC63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*",
"matchCriteriaId": "4B7E7C40-2A96-45AC-BBB6-1E6C07A466A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*",
"matchCriteriaId": "15C71821-E1E2-4083-92FF-C0FE10443556",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a trav\u00e9s de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4803 y CVE-2015-4911."
}
],
"evaluatorComment": "Per \u003ca href=\"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\"\u003eLINK\u003c/a\u003e: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.",
"id": "CVE-2015-4893",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-10-21T23:59:53.997",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/77207"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-21 10:12
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CCD459-9E6D-4731-8054-CDF8B58454A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7A498A-A669-4C42-8134-86103C799D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"matchCriteriaId": "104DA87B-DEE4-4262-AE50-8E6BC43B228B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update115:*:*:*:*:*:*",
"matchCriteriaId": "31B36B01-7736-44B7-BFE7-838E07013B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update101:*:*:*:*:*:*",
"matchCriteriaId": "8AEA7244-D1DC-4144-BA69-0488EDD8ABAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "429DC535-FA00-4309-AD75-E79F238A4B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*",
"matchCriteriaId": "95C17CAA-0971-44CB-8A04-F135ACBEFBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update115:*:*:*:*:*:*",
"matchCriteriaId": "F3E80A87-8142-4391-88C9-27FBE20BD9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update101:*:*:*:*:*:*",
"matchCriteriaId": "8AE0C67B-6B6E-4B16-A0EB-4DFBAE83134F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "35E4B9B9-917E-4EB1-B8ED-B69D5589A0BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update92:*:*:*:*:*:*",
"matchCriteriaId": "CFC93807-F81D-4F4C-AD4F-3F0A45C36F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "77416A88-9162-4B8B-B5B3-6CF5671FBED2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92; Java SE Embedded 8u91 y JRockit R28.3.10 permite a atacantes remotos afectar la disponibilidad a trav\u00e9s de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2016-3508."
}
],
"id": "CVE-2016-3500",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-21T10:12:53.337",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2016/dsa-3641"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1036365"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-3043-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-3062-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-3077-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1458"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1475"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1476"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1477"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3043-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3062-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3077-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "A3322D72-6B56-467E-90E5-5DCE0FA1F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "673DD72C-4FC8-406A-A24A-B06DD709649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:phoenixcontact:fl_mguard_dm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8556AADE-54E7-4D1B-A5AB-D37EF3B4962E",
"versionEndIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B92F025C-D612-4A64-B138-E6B4B113B504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JCE). Las versiones compatibles que se han visto afectadas son JavaSE: 6u151, 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden resultar en un acceso no autorizado a datos de suma importancia o un acceso completo a todos los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start en sandbox o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 7.5 (impactos en la confidencialidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
],
"id": "CVE-2017-10115",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:03.773",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99774"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-15 16:08
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "51A52105-35B8-4D16-88BE-D6F81BC7B0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C9394F13-201D-42BD-8B48-E4F9FEE41477",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A5226952-1972-4572-9F8C-C90D89040FD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update55:*:*:*:*:*:*",
"matchCriteriaId": "3A3360E8-7FF0-41CF-A84A-06D498A97C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update55:*:*:*:*:*:*",
"matchCriteriaId": "F831C70D-2CD9-4579-9DED-D1BE6701965E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update65:*:*:*:*:*:*",
"matchCriteriaId": "105B15BC-6764-41C3-847D-BA1396CC034F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update65:*:*:*:*:*:*",
"matchCriteriaId": "BBCFEADF-7282-4C56-813B-A5DEAD9BF17B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u55, 6u65 y 7u45; JRockit R27.7.7 y R28.2.9; y Java SE Embedded 7u45 permite a atacantes remotos afectar la confidencialidad e integridad a trav\u00e9s de vectores relacionados con JSSE."
}
],
"id": "CVE-2014-0411",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-15T16:08:10.017",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/102028"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56432"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56485"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56486"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56487"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56535"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/57809"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59037"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59071"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59082"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59194"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59235"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59251"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59254"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59283"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59324"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59339"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59665"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59704"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59705"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/59872"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60005"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60498"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60833"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60835"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60836"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669519"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675938"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676978"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680234"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682668"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682669"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682670"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682671"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682904"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004745"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21672078"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/64918"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90357"
},
{
"source": "secalert_us@oracle.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"source": "secalert_us@oracle.com",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675223"
},
{
"source": "secalert_us@oracle.com",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21677913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/102028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/57809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21672078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21677913"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-21 11:00
Modified
2025-04-12 10:46
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
References
Impacted products
{
"cisaActionDue": "2023-06-02",
"cisaExploitAdd": "2023-05-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Oracle Java SE and JRockit Unspecified Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update113:*:*:*:*:*:*",
"matchCriteriaId": "AE4602E8-1466-4148-BC89-7FAFFA14A886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update99:*:*:*:*:*:*",
"matchCriteriaId": "C3D13189-1F7B-482F-ABF7-CC8D563716C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update77:*:*:*:*:*:*",
"matchCriteriaId": "C6CAC2AE-7FB0-40F4-9A45-533943A35772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update113:*:*:*:*:*:*",
"matchCriteriaId": "F0D546F4-B709-4522-B84A-7D6C301814BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update99:*:*:*:*:*:*",
"matchCriteriaId": "0BF73F1C-91F1-41F6-956C-4A64603DCDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update77:*:*:*:*:*:*",
"matchCriteriaId": "CDF71474-FFBF-44A0-A5EC-CD3E50472D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7ACC3A-F8F4-4B53-981A-697569B172CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
"matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
"matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*",
"matchCriteriaId": "280520BC-070C-4423-A633-E6FE45E53D57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*",
"matchCriteriaId": "1AEFF829-A8F2-4041-8DDF-E705DB3ADED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_cloud_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "069D0EC4-BE9D-44A9-82B0-36EFA3702EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "212E1878-1B9A-4CB4-A1CE-EAD60B867161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_report:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50E60FEB-7FC2-491A-B492-5A5DC0A4821A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*",
"matchCriteriaId": "95B173E0-1475-4F8D-A982-86F36BE3DD4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73019FE2-F7CE-4B12-9DC1-8333F08A7D9C",
"versionEndIncluding": "9.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCAE701-DCF8-4031-A711-218D5ADFAD24",
"versionEndExcluding": "2.1.22",
"versionStartIncluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53EC5281-8A0B-45A9-8E05-6709516DDFCD",
"versionEndExcluding": "2.2.18",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE85F320-9AD4-48CA-AAD6-D3436E132204",
"versionEndExcluding": "3.0.22",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*",
"matchCriteriaId": "291DAFA7-48C8-43D0-A800-FC0337764EB4",
"versionEndExcluding": "3.11.8",
"versionStartIncluding": "3.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cassandra:4.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "A7B8B2B7-874C-45C7-88B9-CAEF8F12D1EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "967EC28A-607F-48F4-AD64-5E3041C768F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_module_for_legacy:12:*:*:*:*:*:*:*",
"matchCriteriaId": "C0257D57-ABF4-49FF-AA59-1B82FAA6D147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD4EEF7C-CC33-4494-8531-7C0CC28A8823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBED083-B935-4C47-BBDA-F39D8EA277ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6136E8-74DE-48AF-A8AB-B0E93D34870C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "B12243B2-D726-404C-ABFF-F1AB51BA1783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u113, 7u99 y 8u77; Java SE Embedded 8u77; y JRockit R28.3.9 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores relacionados con JMX."
}
],
"id": "CVE-2016-3427",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2016-04-21T11:00:21.667",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2020/08/31/1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/86421"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035596"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037331"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5f48b16573a11fdf0b557cc3d1d71423ecde8ee771c29f32334fa948%40%3Cdev.cassandra.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc3abf40b06c511d5693baf707d6444bf7745e6a1e343e6f530a12258%40%3Cuser.cassandra.apache.org%3E"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2020/08/31/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/86421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5f48b16573a11fdf0b557cc3d1d71423ecde8ee771c29f32334fa948%40%3Cdev.cassandra.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc3abf40b06c511d5693baf707d6444bf7745e6a1e343e6f530a12258%40%3Cuser.cassandra.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "A3322D72-6B56-467E-90E5-5DCE0FA1F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "673DD72C-4FC8-406A-A24A-B06DD709649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:phoenixcontact:fl_mguard_dm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8556AADE-54E7-4D1B-A5AB-D37EF3B4962E",
"versionEndIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B92F025C-D612-4A64-B138-E6B4B113B504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "D8236A99-A6FC-4C71-A506-55B48FCD3A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAA5561-CA42-457A-B63E-96A79258758B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Security). Las versiones compatibles que se han visto afectadas son JavaSE: 6u151, 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Aunque la vulnerabilidad est\u00e1 presente en Java SE, Java SE Embedded y JRockit, los ataques podr\u00edan afectar seriamente a productos adicionales. Los ataques exitosos a esta vulnerabilidad pueden resultar en un acceso no autorizado a datos de suma importancia o un acceso completo a todos los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 6.8 (impactos en la confidencialidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)."
}
],
"id": "CVE-2017-10198",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:05.837",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99818"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-27 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Availability impacts).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "92EF1E3B-6EF8-499A-84EA-D7792B181CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "73185AEF-8CB1-4728-9E99-D0D2A3419D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "BEB76EC4-557F-4C67-BE1E-79E837043B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "706F9471-3647-4D13-B794-4F53700091F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "1ED8B5A9-E738-430E-9FC6-206DFC98B965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "4AA3E574-DC5D-465B-95B8-CD1AF5433646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1A57E9-0134-466F-B8EE-9E38A844F865",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Availability impacts)."
},
{
"lang": "es",
"value": "Vulnerabilidad en Java SE, Java SE Embedded, componente JRockit de Oracle Java SE (subcomponente: Libraries). Versiones compatibles que est\u00e1n afectadas son Java SE: 7u121 y 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Vulnerabilidad f\u00e1cilmente explotable permite a atacante no autenticado con acceso a la red, a trav\u00e9s de m\u00faltiples protocolos, comprometer Java SE, Java SE Embedded, JRockit. Ataques exitosos de esta vulnerabilidad pueden resultar en una capacidad no autorizada para provocar una denegaci\u00f3n de servicio parcial (DOS parcial) de Java SE, Java SE Embedded, JRockit. Nota: Aplica a la implementaci\u00f3n de cliente y servidor de Java. Esta vulnerabilidad puede ser explotada a trav\u00e9s de aplicaciones Java Web Start y applets Java aislados. Tambi\u00e9n puede ser explotada suministrando datos de APIs en el componente especificado sin utilizar aplicaciones Java Web Start o applets Java aislados, como por ejemplo mediante un servicio web. CVSS v3.0 Base Score 5.3 (Impactos de Disponibilidad)."
}
],
"id": "CVE-2016-5547",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-27T22:59:00.333",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95521"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "A3322D72-6B56-467E-90E5-5DCE0FA1F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "673DD72C-4FC8-406A-A24A-B06DD709649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:phoenixcontact:fl_mguard_dm:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA4F304-3992-42BA-ABB5-5E3A7A066A42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B92F025C-D612-4A64-B138-E6B4B113B504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Security). Las versiones compatibles que se han visto afectadas son JavaSE: 6u151, 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante y, aunque la vulnerabilidad est\u00e1 presente en Java SE, Java SE Embedded y JRockit, los ataques podr\u00edan afectar seriamente a productos adicionales. Los ataques exitosos a esta vulnerabilidad pueden resultar en la toma de control de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start en sandbox o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 8.3 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"id": "CVE-2017-10116",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:03.820",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99734"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-21 10:13
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update115:*:*:*:*:*:*",
"matchCriteriaId": "31B36B01-7736-44B7-BFE7-838E07013B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update101:*:*:*:*:*:*",
"matchCriteriaId": "8AEA7244-D1DC-4144-BA69-0488EDD8ABAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "429DC535-FA00-4309-AD75-E79F238A4B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*",
"matchCriteriaId": "95C17CAA-0971-44CB-8A04-F135ACBEFBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update115:*:*:*:*:*:*",
"matchCriteriaId": "F3E80A87-8142-4391-88C9-27FBE20BD9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update101:*:*:*:*:*:*",
"matchCriteriaId": "8AE0C67B-6B6E-4B16-A0EB-4DFBAE83134F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "35E4B9B9-917E-4EB1-B8ED-B69D5589A0BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update92:*:*:*:*:*:*",
"matchCriteriaId": "CFC93807-F81D-4F4C-AD4F-3F0A45C36F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "77416A88-9162-4B8B-B5B3-6CF5671FBED2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CCD459-9E6D-4731-8054-CDF8B58454A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7A498A-A669-4C42-8134-86103C799D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"matchCriteriaId": "104DA87B-DEE4-4262-AE50-8E6BC43B228B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92; Java SE Embedded 8u91 y JRockit R28.3.10 permite a atacantes remotos afectar la disponibilidad a trav\u00e9s de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2016-3500."
}
],
"id": "CVE-2016-3508",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-21T10:13:00.883",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2016/dsa-3641"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/91972"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1036365"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-3043-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-3062-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-3077-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1458"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1475"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1476"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1477"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3043-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3062-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3077-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "711BCDB5-83BC-4DBA-8097-2CD33617FD19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "B5F20B3E-781F-4DC1-B939-B0EAFC515F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "BEB37E93-38EB-4AEE-A3DD-D2097C0D6852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "59DED85A-153E-40B1-9ABA-D405204E464E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "168E67FC-32BC-4DAE-B49C-840FD721D7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "83A2B4A2-ED27-4C12-871B-C0F78C3478FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "9E8A5D2D-B620-449B-B599-51F5C9FC658C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "9A39B469-5041-4715-B6AC-36D8777677EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "F49DBD1F-D3F5-400B-AE2E-BC87B05A5051",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "8E605982-97A2-4E5E-847E-2BB8AD77910C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "848299EC-DE52-4511-BF53-C83022935964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "CD5BD598-ADBC-42EE-BF81-049D89CCA426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "64AC19E5-A20C-4D51-B465-ABCDBADF550A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "4855E669-C465-4167-89CE-EA693C70A051",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "9D970942-F8B4-445B-8167-955C489DA85B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "9EE4A1F0-FDAD-4BC7-8541-0CA928E51731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "542B79DC-8BC8-4E93-ADC0-50BAF5FFB3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "5E537391-BC5D-4923-9122-27624371BF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "2D8E305C-BB6A-4705-ADED-73B3159A338C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "CC65A3CD-F682-4788-B42C-77BBBDBAEB34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E67D9262-1F65-44D0-B6E6-68D405CEA5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "774509D5-9C66-446B-9050-F8CE6C6EDB70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1A85BCBA-61AF-455A-A5E0-312E4D1308C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "A2CCCA1A-F0A1-4511-AF84-326DF406C0DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "DD21F014-7CFF-490E-9D39-048703915552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "C00F4FBC-E6A3-40DC-AEA9-26F34F90A86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "EBF147E8-5BB0-4472-8213-18D8BFE1E2CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "7FAF6EAE-8974-488F-87A3-86AF9D4455B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "B19E5AB2-FB4A-4D42-9A43-6A1C4829B4E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "40119D8A-8D51-4AD7-AC83-A735CF86F9D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "47E3CD14-7C90-4ECF-BEB8-BCAD9EB5883B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "56A0449D-E87C-4BAC-AEB3-3C3DBEC1BFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "F0CE054A-4F45-459F-BC62-161EA147EA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "81B0BEF9-25FD-48F7-83BC-BEA31BC3A1BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "6559C549-49B6-4784-A30E-605A5632B7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B5802968-A12E-4938-B322-D1002F55D7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "91D354BB-6849-44B9-9E2A-0EEA66E4D9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "4E6D8590-0A99-43E0-9256-9572112F9C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "04C71221-E477-4DF8-B10A-3AC64511E4EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "5F2A0870-A4D3-481B-8A37-A4DC282B0DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "20171515-B5A5-44D2-B7F7-21EDDE39989E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "F734AF76-4CEE-4F9D-AD6A-6BECF1F977CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "985B45F6-C285-4061-A656-A4C1A1FE59D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4A420DA5-1346-446B-8D23-E1E6DDBE527E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "B8CA8719-7ABE-4279-B49E-C414794A4FE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "DC92B7EC-849F-4255-9D55-43681B8DADC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "2ABC1045-7D3D-4A14-B994-7E60A4BB4C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "1F3C1E65-929A-4468-8584-F086E6E59839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "42C95C1D-0C2E-4733-AB1B-65650D88995D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "47A9F499-D1E3-41BD-AC18-E8D3D3231C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "D45B0D7E-BA0F-4AAA-A7BA-2ADA4CC90D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "D58A3E4F-2409-440A-891E-0B84D79AB480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "3FC2226B-CFEF-48A4-83EA-1F59F4AF7528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "F29DC78F-4D02-47B4-A955-32080B22356C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "81A4204E-6F50-45FB-A343-7A30C0CD6D3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D6E07069-D6EE-4D44-94A6-CDCA4A50E6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "4B151882-47C0-400E-BBAB-A949E6140C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "6DB4F19E-DFC4-42F4-87B9-32FB1C496649",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "344FA3EA-9E25-493C-976A-211D1404B251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32_b31:*:*:*:*:*:*",
"matchCriteriaId": "F52AABC3-2ED1-4E42-947A-C932ABB72230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32_b32:*:*:*:*:*:*",
"matchCriteriaId": "E483FA1D-0C16-4522-90C9-E519AA492D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0381EE39-2F60-49FD-A63A-B9E81C9033CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33_b31:*:*:*:*:*:*",
"matchCriteriaId": "8D4A356A-5B98-4343-9D7A-2FC3C4F8A393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33_b32:*:*:*:*:*:*",
"matchCriteriaId": "791AF351-BD13-4833-8C1D-46D0A4E24F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33_b33:*:*:*:*:*:*",
"matchCriteriaId": "921FDBA8-D14A-46CB-8650-70C60A9FD807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "9AD75455-B7F0-4F42-98E7-CAA43787D606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34_b31:*:*:*:*:*:*",
"matchCriteriaId": "8D9514FE-4CE3-4388-9F99-974AE008BE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34_b32:*:*:*:*:*:*",
"matchCriteriaId": "DE1D896F-DFC7-49B9-84EF-EA10ADD81528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "3BF0FD06-3953-49AB-A9AA-ACB6883E2D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35_b31:*:*:*:*:*:*",
"matchCriteriaId": "6C96B122-A69E-4AFF-B39F-8DE4FCB23085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35_b32:*:*:*:*:*:*",
"matchCriteriaId": "6A70494A-AAB4-4112-9B3B-52C2DCD9291D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "62823E8E-99CF-40DB-B43E-CBA4E9A2F916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37_b31:*:*:*:*:*:*",
"matchCriteriaId": "2D55B585-E8BF-4FE4-86E9-FCD189F082B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37_b32:*:*:*:*:*:*",
"matchCriteriaId": "84A76389-79FE-4994-9F18-F77367C5229A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "FEA04B0D-D4E3-497D-9564-046B1CDA2342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38_b31:*:*:*:*:*:*",
"matchCriteriaId": "AFD97F29-D459-4178-A7FB-FD5310A8E0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "AD3522AD-6CE5-43A3-A108-FBEEE4C226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "D081A380-5AA4-4451-94A9-7B65810106E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B2F3B6EB-694F-44E9-9502-8487DCEC84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "1ED02C60-AD2E-4DAD-89DA-E978B6D6422A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43_b31:*:*:*:*:*:*",
"matchCriteriaId": "FCA855EE-E8B2-4931-9E25-44288B7B9370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "CAF4D47A-1D98-43B3-B26E-B4AF7F08BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "112E7575-A3A0-4A94-AD39-7B2325B150B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "1F3ECD7D-E0BF-45AB-80FA-9E6EAECF890F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51_b31:*:*:*:*:*:*",
"matchCriteriaId": "640E12D5-681D-41F7-A3CC-33546A06ED4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51_b32:*:*:*:*:*:*",
"matchCriteriaId": "9327533B-9997-480D-ADC1-60756CD8BB13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "708E8CEF-82EE-4D4B-ABF9-87AA4878F517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "FF7DE0E6-F329-417B-8035-B4EBF9C97483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "D5D9D9A7-8819-44A4-80AC-52D6B63A0C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "FEB2C8A3-E0DC-46A3-BD82-8E45DA55ED0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "64B5B16D-061A-438D-A8CF-9E63D6C748D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "ACABC935-5DD6-4F85-992E-70AD517EF41D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10_b31:*:*:*:*:*:*",
"matchCriteriaId": "961EA7A1-1D15-4593-8045-4488225A35B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11_b32:*:*:*:*:*:*",
"matchCriteriaId": "E03D6E3B-7BC1-4968-8190-3EE383B581A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17_b31:*:*:*:*:*:*",
"matchCriteriaId": "D9ED7306-CB1F-4E50-9C5C-E1746F1E5D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17_b32:*:*:*:*:*:*",
"matchCriteriaId": "F2D5B1D3-0D27-41A7-B4F9-3788272E1DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21_b31:*:*:*:*:*:*",
"matchCriteriaId": "29E8513E-09C8-4679-A84D-7DD50093E5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25_b33:*:*:*:*:*:*",
"matchCriteriaId": "4AE3DEB6-A368-4BFA-AA8B-2D5AEF812199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25_b34:*:*:*:*:*:*",
"matchCriteriaId": "2A291196-FA04-4897-B2B0-E078C51E8C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25_b35:*:*:*:*:*:*",
"matchCriteriaId": "FD014E94-E45B-4DCD-B345-12DDD59F358C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "220536FA-695D-4DE8-9813-494E3D061B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D8730889-A618-4CF9-888C-BF95802DD00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "94F2C368-5881-40AB-8B08-BF959E724950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2D33EDF0-548B-457F-908B-C3795945FC37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "7B1BA97C-51C0-4EA2-B514-84503E1B42CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "30F69268-F35B-411F-90C6-11A5EFF00DE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "E137594B-9FFE-4081-933F-F825E3A3F362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "5DCC0622-5D7E-4D2D-84ED-FD985B2B0C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "26AF05CC-DF6C-40EE-88A6-71C85EE7C4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "79674E2C-B6E8-40DE-821D-291FD312C3A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "83E72AE8-C2EB-4C4A-80D0-7C5AA0BD2C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "FC107766-8EF4-4A63-AC1F-DBFAD33E349D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "BAA97E64-FFAA-4C4E-B3B1-72D9B968161E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "5CEBD756-DAA9-4613-9ECA-943EB162BAF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "508CB5E0-5A93-4890-B822-10F29631B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "A7C6D544-04A1-4B09-8AC9-DEBEAAB1E903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "08F6C2F3-2DB1-4B71-82D7-11233ADD1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "708418EA-CFB6-4AFC-9327-E974F99E7323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "159846BB-6BC2-4A6F-B9B7-5D95D70B966F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "ABD71288-227D-4FA6-9E07-FFA9EBAF3452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "5B02C330-01CB-41FB-A503-A6A9BB24FDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "CF46C0A1-67A1-421A-961A-5C19E20D075F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "CF3B6C14-A29B-4B55-82A9-51A2CC108063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "3E77C2EE-EB7D-40D8-BF74-F6CEB8DCE610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5798AD7E-81A9-456B-8109-46F5CF910C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "3FE9142C-E34A-4390-B9DF-4689A45E67BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "54D82C69-8F1E-4666-B0F3-25540F840170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "27EE5902-38E6-4977-A66A-FE2CCE27EAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "97905F32-901A-4AE0-8E16-7CA44BC5988C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "7109AD44-F277-41A6-B765-EE053B4F32C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "1AC184EB-A85D-47A0-8C21-FD05B0C46079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "CC062AE6-515B-4D40-9B86-46F7A1D7FF1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "B4A2D725-A7DC-4802-A377-5C3963AD9941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "A47E0A76-D6A3-445E-84C8-038497655BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "88114C4E-0267-47C2-A7FC-D38BEFC3AF5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "A3C6E1D8-B96E-40FB-9E66-9B3A5325E78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "F08A5AAD-84CA-491F-83D3-CEFFD16212E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A13547EA-EF77-493A-A863-F09E2AEE8BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "055CA491-F4F1-4110-824F-23ED1494543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "ACB55CC5-0EC7-44B2-B5A9-A5B1EE584791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "5687B90D-55D3-4115-8266-4B935108C237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "6CA9E211-120C-4CAE-8A25-709D015124F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "FEE709FD-88F8-484D-9D13-216D79F5DDC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "15D32F92-E8CF-4EA8-AA31-5F406AAB455B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "EB864346-1429-46B5-A91E-A1126C486421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F199B346-B95E-4DCA-B750-148A36D559BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "D16229B8-1642-4C10-8650-A9CEA9D4C98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "1714BDEF-6B0E-42BB-9510-3F9B52E170BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "830A3A51-F17A-4C61-8F5C-6A4582A64DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "9DE0E496-719D-4CEF-837F-B060A898099F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3B02F361-0C64-4CB8-8DAD-A63F1A9CC025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "FD4CC3E2-7BEA-4D8C-811C-C5012327A9AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "9F63A8AC-893D-4D75-B467-85E70B62541D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "D7823AE6-CB18-47DE-8A4F-1F98394B7237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "381EFA43-DB73-48EA-A4B1-F451EF60D845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "77C54E00-0197-4C87-9BFF-01A099AC3006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "64AD6007-EB92-4D0E-A0CB-8FFDDB61AA6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "7415177F-A2FE-47AB-8D92-194A4F6D75C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "52FA600C-08B6-4143-9C72-DB31E489DE3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "2752B83A-6DD2-4829-9E4F-42CDDCBC38C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "97A84689-0CED-404F-8DC3-708BEB37D2CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "738EC3E5-A4EB-47FE-9C9A-7C8E8C669765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "FF56E0D9-612D-4215-9C76-560AE0661A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "BA717604-4BB0-4968-B258-7C9F884016FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "AA71FCF4-580F-432D-AADC-65A2A92CEBC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "F1E1A8F3-5A63-401E-9BDA-ACCA30FF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "964CCFD6-316A-48C6-9A6B-7CFD1A1FB027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "5C91517E-4C81-4D09-9FCB-B7AC769C7107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "8B276B96-66BE-4C09-BE9F-11FA7461CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "626E11CA-20EE-4AB0-84D7-8DAE7A9D8960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "DC8771D7-9531-4A1D-B2DE-FAA7A7549801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "FB006563-023B-4AC6-8A27-E41DE59758A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6C59C275-5964-4E5D-BE80-BA4EA34BEA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "4F6B5E73-6751-475A-B9BF-3414D3476208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "47C1922B-37E8-4009-97C7-B243F6F96704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "68957C57-EC74-4896-B97D-E936DC6AD31C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "6B3A8681-3EAC-4D02-811A-5FCCCC7B5635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DFAA351A-93CD-46A8-A480-CE2783CCD620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10_b31:*:*:*:*:*:*",
"matchCriteriaId": "61B7A9E2-14BE-40E3-AF51-1BA6FC612170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11_b32:*:*:*:*:*:*",
"matchCriteriaId": "2438C775-5722-4AE6-98A8-354ABB6E0744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17_b31:*:*:*:*:*:*",
"matchCriteriaId": "B0228195-41B4-4145-B8A4-7B974456ABA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17_b32:*:*:*:*:*:*",
"matchCriteriaId": "44F8FB6D-3602-4263-9814-CCB64B8D1926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21_b31:*:*:*:*:*:*",
"matchCriteriaId": "2D3257E5-17DB-4E02-9A8E-DD0E4D4339DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b33:*:*:*:*:*:*",
"matchCriteriaId": "3391456D-86B0-457B-83BB-4C74DA0ED634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b34:*:*:*:*:*:*",
"matchCriteriaId": "AA88EAC0-FD2D-4B38-8944-D4B6C3BD6FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b35:*:*:*:*:*:*",
"matchCriteriaId": "C12DF03E-6E61-41DF-A283-D16AB356B6A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "7CB654DC-1D3D-4475-8815-335AC573F54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7_b32:*:*:*:*:*:*",
"matchCriteriaId": "CD27AF64-5AA9-40F0-9308-2B4196FE7653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9_b31:*:*:*:*:*:*",
"matchCriteriaId": "85AAF389-656C-4460-AE39-70703CE74ABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9_b32:*:*:*:*:*:*",
"matchCriteriaId": "5CEBEC4F-12CB-4790-B909-C2E796CEA60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF025086-5D88-4A56-ABFA-1FC2A6DC6060",
"versionEndIncluding": "r28.2.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE v7u40 y anteriores, Java SE v6u60 y anteriores, Java SE v5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java SE Embedded v7u40 y anteriores permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con las librer\u00edas."
}
],
"id": "CVE-2013-5830",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T17:55:05.850",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/56338"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/63121"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019110"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/56338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/63121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19096"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-19 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 10 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 10 | |
| oracle | jrockit | r28.3.17 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| hp | xp7_command_view | * | |
| schneider-electric | struxureware_data_center_expert | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "5B9A0DD9-878D-42E8-AA57-283E5D1E0A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A396-AF98-46BD-8B73-8CAC02BF12B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "4009C7E0-94C7-4838-94CF-5607D7C575CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0231D6-CA6A-4F76-997A-93AFB840CAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "DD3B3C9B-A53B-4921-8F5F-FF118283D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "038F6540-6674-4D7A-9A70-A62B0F3C9A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "0F88A87F-D142-4FFD-8121-52FC9A4B70E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:10:*:*:*:*:*:*:*",
"matchCriteriaId": "095351DA-F50B-4BAF-A4EF-A9C1F8E40E12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9A13AA87-5F14-4728-B317-17C3A782FA34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "87D4ED85-90F6-47E6-BF08-3595DB22C7B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Security). Las versiones compatibles que se han visto afectadas son JavaSE: 6u181, 7u171, 8u162 y 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2795",
"lastModified": "2024-11-21T04:04:28.357",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-19T02:29:03.647",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103847"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-24 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6:update_141:*:*:*:*:*:*",
"matchCriteriaId": "D344C52B-BE53-4CA0-A34F-7605F1291FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7:update_131:*:*:*:*:*:*",
"matchCriteriaId": "86A7546D-3372-41CA-9E12-03F93259934A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_121:*:*:*:*:*:*",
"matchCriteriaId": "265E9C6F-F7FD-4F11-A775-D4DFE449DEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6:update_141:*:*:*:*:*:*",
"matchCriteriaId": "0E710C31-C9F4-46BD-9377-19745C1B6F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7:update_131:*:*:*:*:*:*",
"matchCriteriaId": "2CAB36DB-1322-4979-9F93-C02122E8639C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_121:*:*:*:*:*:*",
"matchCriteriaId": "B40DE6E4-6F3B-4BF8-863A-5D8C4AE07E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FA90A3B9-9749-44F5-BAFC-40BA2BD37B43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Java SE, Java SE Embedded, JRockit de Oracle Java SE (subcomponente: JCE). Versiones compatibles que son afectadas son Java SE: 7u131 y 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13.Vulnerabilidad dificil de explotar permite a atacante autenticado con conexi\u00f3n a la infraestructura donde Java SE, Java SE Embedded, JRockit ejecuta comprometer Java SE, Java SE Embedded, JRockit. Los ataques exitosos requieren la interacci\u00f3n humana de una persona m\u00e1s que un atacante y mientras la vulnerabilidad est\u00e1 en los ataques de Java SE, Java SE Embedded, JRockit, pueden afectar significativamente a otros productos. Los ataques exitosos de esta vulnerabilidad pueden resultar en la adquisici\u00f3n de Java SE, Java SE Embedded, JRockit. Nota: Se aplica a la implementaci\u00f3n de cliente y servidor de Java. Esta vulnerabilidad puede ser explotada a trav\u00e9s de aplicaciones de Java Web Start y de Java. Tambi\u00e9n se puede explotar mediante el suministro de datos a las API en el Componente especificado sin utilizar aplicaciones de Java Web Start en modo recinto de seguridad o complementos de Java protegidos, como a trav\u00e9s de un servicio web.. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Impactos de disponibilidad). Vector CVSS: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"id": "CVE-2017-3511",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-24T19:59:03.190",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97731"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201707-01"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-21 00:59
Modified
2025-04-12 10:46
Severity ?
Summary
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51F16DD0-B15A-4B29-B68A-D6ABA0BF9623",
"versionEndIncluding": "1.0.1m",
"versionStartIncluding": "1.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86B99FE0-EFEF-4C34-9790-A14504D701C5",
"versionEndIncluding": "1.0.2a",
"versionStartIncluding": "1.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D0AB50-9195-4B1B-BB76-00F0A34C9389",
"versionEndIncluding": "1.0.1m",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*",
"matchCriteriaId": "B64BBA96-FB3C-46AC-9A29-50EE02714FE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:content_manager:8.5:*:*:*:*:enterprise:*:*",
"matchCriteriaId": "EB672C2E-8ABF-40CD-97DA-28D939DE4C63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "228C7B8D-18EE-444A-8067-6C222844FB8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*",
"matchCriteriaId": "2755C397-75DF-4110-8C8A-05EFDFFF9BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "D084DBE9-BF2F-4A9B-8FDE-A9A608E6B40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*",
"matchCriteriaId": "18FB6138-2B3D-4C4B-8647-3D1646165641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*",
"matchCriteriaId": "49B3533A-57B1-4EDA-9434-D75AE837F2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "914D54AC-EAAE-4A01-BA88-7F245BDA47C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*",
"matchCriteriaId": "33DD9C2A-9C6E-407B-8110-2EC7906DE036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*",
"matchCriteriaId": "88FA3ACA-B2FC-4D9C-B67E-35272514FB84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*",
"matchCriteriaId": "17B87292-EDBB-4D5A-8874-7405F040FAA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*",
"matchCriteriaId": "366E2702-633C-4D4C-ACF8-4CBEC66719F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*",
"matchCriteriaId": "8CFE55B4-9A07-4E88-98AC-8345243AEF79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D5BAC17C-EF31-4E94-9020-47B781AD94B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB31BE7C-CB6D-447E-AFF8-618998950FC5",
"versionEndIncluding": "8.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68566BD8-D5DD-4747-9C9A-59154400EBFA",
"versionEndIncluding": "10.10.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C6809678-475F-4703-BC9E-31EC8CAD3A24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF02A45-1811-44F2-B3C9-90C11F5DF6DF",
"versionEndIncluding": "1121",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFDA34B4-65B4-41A5-AC22-667C8D8FF4B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39B565E1-C2F1-44FC-A517-E3130332B17C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C37BA825-679F-4257-9F2B-CE2318B75396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97D4FFCF-5309-43B6-9FD5-680C6D535A7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4545786D-3129-4D92-B218-F4A92428ED48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5AADD23B-A8AF-4679-990D-C29A1D6EB5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:39.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B692B58-6FB8-455F-86C0-35E0F216A736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_esr:31.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FA389FFB-2289-4BFB-90A1-0E7EC42FFCEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:2.35:*:*:*:*:*:*:*",
"matchCriteriaId": "DA79F816-D26E-4A0D-8CD8-994EBB42C822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:31.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C87BCC3-0315-4B3C-BFCD-1E218B475251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:38.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C00748D-ECFC-4ACA-964B-92330FE7B0EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mozilla:firefox_os:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E50128DD-9997-49E6-A47E-6A0B7959B3AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue."
},
{
"lang": "es",
"value": "El protocolo TLS 1.2 y anteriores, cuando una suite de cifrado DHE_EXPORT est\u00e1 habilitada en un servidor pero no en un cliente, no transporta una elecci\u00f3n DHE_EXPORT, lo que permite a atacantes man-in-the-middle realizar ataques de degradaci\u00f3n del cifrado mediante la rescritura de un ClientHello con DHE remplazado por DHE_EXPORT y posteriormente la rescritura de un ServerHello con DHE_EXPORT remplazado por DHE, tambi\u00e9n conocido como el problema \u0027Logjam\u0027."
}
],
"id": "CVE-2015-4000",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2015-05-21T00:59:00.087",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10681"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143506486712441\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143557934009303\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558092609708\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143628304012255\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143637549705650\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143655800220052\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144050121701297\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144061542602287\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145409266329539\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2015/05/20/8"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1072.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1185.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1197.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT204941"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT204942"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX201114"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959111"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959195"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959325"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959453"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959481"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959517"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959530"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959539"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959636"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959812"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960191"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961717"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962455"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962739"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21958984"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21959132"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960380"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960418"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21962816"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21967893"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3300"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3324"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3688"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74733"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032474"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032475"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032476"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032637"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032645"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032647"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032648"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032649"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032650"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032651"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032652"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032653"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032654"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032655"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032656"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032688"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032699"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032702"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032727"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032759"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032777"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032778"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032783"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032784"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032856"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032864"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032865"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032871"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032884"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032932"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032960"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033019"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033064"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033065"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033067"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033208"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033209"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033210"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033222"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033341"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033385"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033416"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033430"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033433"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033513"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033760"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033891"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033991"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034087"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034728"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034884"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036218"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040630"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2656-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2656-2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2673-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10122"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://puppet.com/security/cve/CVE-2015-4000"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201512-10"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20150619-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX216642"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03831en_us"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://weakdh.org/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://weakdh.org/imperfect-forward-secrecy.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959745"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/security/cve/CVE-2015-4000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143506486712441\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143557934009303\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558092609708\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143628304012255\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143637549705650\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143655800220052\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144050121701297\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144061542602287\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145409266329539\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2015/05/20/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1072.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1185.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1197.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT204941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT204942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX201114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21958984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21959132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21962816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21967893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032650"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032759"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032784"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040630"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2656-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2656-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2673-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://puppet.com/security/cve/CVE-2015-4000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201512-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20150619-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX216642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03831en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://weakdh.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://weakdh.org/imperfect-forward-secrecy.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/security/cve/CVE-2015-4000.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-17 01:31
Modified
2024-11-21 04:05
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 11.0.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 11.0.0 | |
| oracle | jrockit | r28.3.19 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_eus | 7.6 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| hp | xp7_command_view | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update201:*:*:*:*:*:*",
"matchCriteriaId": "9C07DBB8-760D-4A9E-B7C7-A382D650658B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update191:*:*:*:*:*:*",
"matchCriteriaId": "ED6BF214-B45C-405E-83AC-C8A084A6E4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update182:*:*:*:*:*:*",
"matchCriteriaId": "95C4D08B-88BF-4299-90B8-51F6B214C3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE66FC86-ADF3-4295-9C10-2A0AF16A538C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update201:*:*:*:*:*:*",
"matchCriteriaId": "BBE0F763-B860-4B30-A5E9-2FCE78F5932D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update191:*:*:*:*:*:*",
"matchCriteriaId": "C192F54C-108C-4E40-BC29-CF911C3B9EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update182:*:*:*:*:*:*",
"matchCriteriaId": "B4154B5B-9E0A-46D0-9CE9-E393119ACAA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32548053-521C-4D17-8791-680074D5C55E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "A79CBB94-4DCC-4346-ACB1-00B9E346E811",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "50B5212A-03DC-48D3-8734-7FAA20A48D7F",
"versionEndExcluding": "8.6.3-00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JSSE). Las versiones compatibles que se han visto afectadas son JavaSE: 6u201, 7u191, 8u182 y 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por SSL/TLS comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos de esta vulnerabilidad pueden resultar en la actualizaci\u00f3n, inserci\u00f3n o eliminaci\u00f3n de acceso sin autorizaci\u00f3n de algunos de los datos accesibles de Java SE, Java SE Embedded y JRockit, as\u00ed como el acceso de lectura sin autorizaci\u00f3n a un subconjunto de datos accesibles de Java SE, Java SE Embedded y JRockit y la capacidad no autorizada de provocar una denegaci\u00f3n de servicio parcial (DOS parcial) de Java SE, Java SE Embedded y JRockit. Nota: esta vulnerabilidad se aplica a implementaciones Java, normalmente en clientes que ejecutan aplicaciones Java Web Start en sandbox o applets Java en sandbox (en Java SE 8) que cargan y ejecutan c\u00f3digo que no es de confianza (por ejemplo, c\u00f3digo proveniente de internet) y que conf\u00edan en el sandbox Java para protegerse. Esta vulnerabilidad tambi\u00e9n puede ser explotada mediante API en el componente especificado, por ejemplo, mediante un servicio web que proporciona datos a las API. CVSS 3.0 Base Score 5.6 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)."
}
],
"id": "CVE-2018-3180",
"lastModified": "2024-11-21T04:05:21.513",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-17T01:31:20.387",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/105617"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3824-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/105617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3824-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-21 03:00
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*",
"matchCriteriaId": "D6C77242-C6FB-4BED-BA51-E9477D64E311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:*",
"matchCriteriaId": "1475C6EC-E2F6-4881-A89E-FB75C1AD1F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "79B1FE51-77FB-465F-BCF0-7076CBF54BF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en los componentes Java SE, Java SE Embedded y JRockit en Oracle Java SE 8u66; Java SE Embedded 8u65; y JRockit R28.3.8 permite a atacantes remotos afectar a la confidencialidad y la integridad a trav\u00e9s de vectores desconocidos relacionados con Libraries."
}
],
"evaluatorComment": "Per Oracle: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.",
"id": "CVE-2016-0475",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2016-01-21T03:00:23.570",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034715"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201610-08"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-19 17:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "7037AEF9-403D-43EC-ABBB-B46619241586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "B781F1F7-DE18-41F7-83C1-8690B0884DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*",
"matchCriteriaId": "6D36F2A6-1329-4D74-BADC-C22D46CF7CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "270968EC-7662-41E1-BA9B-D259BEC53A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "D53D6C3C-C8F3-4FF4-AE9C-1BFF14E74EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "71219100-B476-4062-A40A-13F1B8C7DAED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*",
"matchCriteriaId": "FCC055BA-0D21-4D2B-AC9B-B81B8468860C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66910F84-DDFD-4BA8-BE7F-44EB5E3F9C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "66CB92D2-A529-4912-9D59-40EAC3F5D674",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*",
"matchCriteriaId": "280520BC-070C-4423-A633-E6FE45E53D57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*",
"matchCriteriaId": "1AEFF829-A8F2-4041-8DDF-E705DB3ADED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "6BF60DAD-DAA2-4543-B82E-8E17F7B1DA06",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Serialization). Las versiones compatibles que se han visto afectadas son Java SE: 6u161, 7u151, 8u144 y 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) en Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 3.1 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2017-10345",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-19T17:29:03.997",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/101396"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/101396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-19 17:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "7037AEF9-403D-43EC-ABBB-B46619241586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "B781F1F7-DE18-41F7-83C1-8690B0884DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update144:*:*:*:*:*:*",
"matchCriteriaId": "6D36F2A6-1329-4D74-BADC-C22D46CF7CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "270968EC-7662-41E1-BA9B-D259BEC53A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "D53D6C3C-C8F3-4FF4-AE9C-1BFF14E74EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "71219100-B476-4062-A40A-13F1B8C7DAED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update144:*:*:*:*:*:*",
"matchCriteriaId": "FCC055BA-0D21-4D2B-AC9B-B81B8468860C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66910F84-DDFD-4BA8-BE7F-44EB5E3F9C3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "66CB92D2-A529-4912-9D59-40EAC3F5D674",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*",
"matchCriteriaId": "280520BC-070C-4423-A633-E6FE45E53D57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*",
"matchCriteriaId": "1AEFF829-A8F2-4041-8DDF-E705DB3ADED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "6BF60DAD-DAA2-4543-B82E-8E17F7B1DA06",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Networking). Las versiones compatibles que se han visto afectadas son Java SE: 6u161, 7u151, 8u144 y 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a la capacidad no autorizada de provocar una denegaci\u00f3n de servicio parcial (DoS parcial) en Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2017-10355",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-19T17:29:04.343",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/101369"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/101369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-19 02:29
Modified
2025-05-06 15:15
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 10 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 10 | |
| oracle | jrockit | r28.3.17 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| hp | xp7_command_view | * | |
| schneider-electric | struxureware_data_center_expert | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "5B9A0DD9-878D-42E8-AA57-283E5D1E0A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A396-AF98-46BD-8B73-8CAC02BF12B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "4009C7E0-94C7-4838-94CF-5607D7C575CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0231D6-CA6A-4F76-997A-93AFB840CAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "DD3B3C9B-A53B-4921-8F5F-FF118283D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "038F6540-6674-4D7A-9A70-A62B0F3C9A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "0F88A87F-D142-4FFD-8121-52FC9A4B70E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:10:*:*:*:*:*:*:*",
"matchCriteriaId": "095351DA-F50B-4BAF-A4EF-A9C1F8E40E12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9A13AA87-5F14-4728-B317-17C3A782FA34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "87D4ED85-90F6-47E6-BF08-3595DB22C7B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: AWT). Las versiones compatibles que se han visto afectadas son JavaSE: 6u181, 7u171, 8u162 y 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2798",
"lastModified": "2025-05-06T15:15:55.910",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2018-04-19T02:29:03.803",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103841"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-16 00:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| canonical | ubuntu_linux | 14.04 | |
| oracle | jrockit | r27.8.1 | |
| oracle | jrockit | r28.3.1 | |
| juniper | junos_space | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| ibm | forms_viewer | * | |
| ibm | forms_viewer | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFBC2BA-94F8-4D3B-9C70-3E9FA1F6E0AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81434638-A069-4828-99FD-EEBAC3EB41CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B258D4C-2CAA-4493-8C35-E8A641A4FB14",
"versionEndExcluding": "15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "086781C9-08D6-4268-AEB4-F60365F51562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "DDD27C84-32AD-47CC-B47B-7FBA1321E717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "3343969B-2926-4C55-8787-792ABF6429D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F906BFD6-7654-46C5-8240-3A50949CAE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "E80738D2-3CE2-4EB6-AE4C-F90C2C93BFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "78BC97BC-F745-45E0-8749-41535F7C374E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "4DA64EFB-8416-4A0B-91B5-F02CC1A79D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CA226495-4733-485A-9D53-85874434815D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "745E0942-12A9-49B3-851C-ED67F047BCEB",
"versionEndExcluding": "4.0.0.3",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5452C9C6-D761-4E3D-B7CF-C0AC55D08650",
"versionEndExcluding": "8.0.1.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8; JRockit R27.8.1 y R28.3.1; y Java SE Embedded 7u51 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con 2D."
}
],
"id": "CVE-2014-0429",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-16T00:55:23.920",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58974"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59058"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66856"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/59058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-19 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | jdk | 1.7.0 | |
| sun | jre | 1.7.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| sun | jdk | * | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jre | * | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "893B13BC-9448-4AFD-BCC4-F289A523949B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD3FC81B-4E54-44D8-8118-1E256FE619E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE4B7CD-9510-4EA2-85A0-3266DB0D6082",
"versionEndIncluding": "r28.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update_27:*:*:*:*:*:*",
"matchCriteriaId": "9F67F2BE-367C-4700-AE28-DA082325FF9D",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*",
"matchCriteriaId": "ECEDE405-CEF6-4E52-A8AE-28B9274B2289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_23:*:*:*:*:*:*",
"matchCriteriaId": "B5559C2B-9A93-4EFC-BE31-32C9ADD4D5F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_24:*:*:*:*:*:*",
"matchCriteriaId": "029E1F1D-2A77-4258-9D4F-6D31E827DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_25:*:*:*:*:*:*",
"matchCriteriaId": "0D2F2BE2-3022-4DC9-8505-F597F8CE1192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_26:*:*:*:*:*:*",
"matchCriteriaId": "A44CCE27-EE9F-4A66-B65A-24D015CE2764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update_27:*:*:*:*:*:*",
"matchCriteriaId": "3FB18875-CC4B-49AC-B038-44824BECBB7E",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*",
"matchCriteriaId": "188D2242-7D16-4F8E-AB61-4663804AAC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_23:*:*:*:*:*:*",
"matchCriteriaId": "40271AA6-B0E7-461D-8903-414FE4E7109D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_24:*:*:*:*:*:*",
"matchCriteriaId": "2231339D-4DF9-43CA-BC63-BD1EE1C17759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_25:*:*:*:*:*:*",
"matchCriteriaId": "A67ACAEB-D1B4-42C7-BEEC-8B5D8AFEBCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_26:*:*:*:*:*:*",
"matchCriteriaId": "342D28DD-2AF4-489F-BAC7-29745C153726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente de Java Runtime Environment en Oracle Java SE JDK y JRE v7, v6 Update 27 y anteriores, y JRockit vR28.1.4 y anteriores permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con el 2D."
}
],
"id": "CVE-2011-3551",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-10-19T21:55:01.410",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/48308"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/50224"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70842"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14318"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JMX). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171, 7u161, 8u152 y 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado a la actualizaci\u00f3n, inserci\u00f3n o supresi\u00f3n de datos confidenciales o de todos los datos accesibles de Java SE, Java SE Embedded y JRockit, as\u00ed como el acceso sin autorizaci\u00f3n a datos confidenciales o todos los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad s\u00f3lo puede ser explotada proporcionando datos a las API en los Componentes especificados sin emplear aplicaciones Java Web Start que no son de confianza o applets Java que no son de confianza, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 7.4 (impactos de confidencialidad e integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)."
}
],
"id": "CVE-2018-2637",
"lastModified": "2024-11-21T04:04:07.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:20.803",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102576"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-17 01:31
Modified
2024-11-21 04:05
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 11.0.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 11.0.0 | |
| oracle | jrockit | r28.3.19 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_eus | 7.6 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| hp | xp7_command_view | * | |
| hp | xp7_command_view | 8.6.4-00 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update201:*:*:*:*:*:*",
"matchCriteriaId": "9C07DBB8-760D-4A9E-B7C7-A382D650658B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update191:*:*:*:*:*:*",
"matchCriteriaId": "ED6BF214-B45C-405E-83AC-C8A084A6E4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "7D8C0DB7-6178-4D70-B460-97A49F012560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE66FC86-ADF3-4295-9C10-2A0AF16A538C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update201:*:*:*:*:*:*",
"matchCriteriaId": "BBE0F763-B860-4B30-A5E9-2FCE78F5932D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update191:*:*:*:*:*:*",
"matchCriteriaId": "C192F54C-108C-4E40-BC29-CF911C3B9EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "4ADC2C70-B7C4-49AC-B4CC-C5FC60903F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32548053-521C-4D17-8791-680074D5C55E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "A79CBB94-4DCC-4346-ACB1-00B9E346E811",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "50B5212A-03DC-48D3-8734-7FAA20A48D7F",
"versionEndExcluding": "8.6.3-00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:8.6.4-00:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DE29B4EB-63F6-4B9E-A35B-3DDC07253D13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JNDI). Las versiones compatibles que se han visto afectadas son JavaSE: 6u201, 7u191, 8u182 y 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante y, aunque la vulnerabilidad est\u00e1 presente en Java SE, Java SE Embedded y JRockit, los ataques podr\u00edan afectar seriamente a productos adicionales. Los ataques exitosos a esta vulnerabilidad pueden resultar en la toma de control de Java SE, Java SE Embedded y JRockit. Nota: esta vulnerabilidad se aplica a implementaciones Java, normalmente en clientes que ejecutan aplicaciones Java Web Start en sandbox o applets Java en sandbox (en Java SE 8) que cargan y ejecutan c\u00f3digo que no es de confianza (por ejemplo, c\u00f3digo proveniente de internet) y que conf\u00edan en el sandbox Java para protegerse. Esta vulnerabilidad tambi\u00e9n puede ser explotada mediante API en el componente especificado, por ejemplo, mediante un servicio web que proporciona datos a las API. CVSS 3.0 Base Score 8.3 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"id": "CVE-2018-3149",
"lastModified": "2024-11-21T04:05:17.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-17T01:31:17.510",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105608"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3824-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3824-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-19 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | jdk | 1.7.0 | |
| sun | jre | 1.7.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| sun | jdk | * | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jre | * | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "893B13BC-9448-4AFD-BCC4-F289A523949B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD3FC81B-4E54-44D8-8118-1E256FE619E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE4B7CD-9510-4EA2-85A0-3266DB0D6082",
"versionEndIncluding": "r28.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update_27:*:*:*:*:*:*",
"matchCriteriaId": "9F67F2BE-367C-4700-AE28-DA082325FF9D",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*",
"matchCriteriaId": "ECEDE405-CEF6-4E52-A8AE-28B9274B2289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_23:*:*:*:*:*:*",
"matchCriteriaId": "B5559C2B-9A93-4EFC-BE31-32C9ADD4D5F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_24:*:*:*:*:*:*",
"matchCriteriaId": "029E1F1D-2A77-4258-9D4F-6D31E827DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_25:*:*:*:*:*:*",
"matchCriteriaId": "0D2F2BE2-3022-4DC9-8505-F597F8CE1192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_26:*:*:*:*:*:*",
"matchCriteriaId": "A44CCE27-EE9F-4A66-B65A-24D015CE2764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update_27:*:*:*:*:*:*",
"matchCriteriaId": "3FB18875-CC4B-49AC-B038-44824BECBB7E",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*",
"matchCriteriaId": "188D2242-7D16-4F8E-AB61-4663804AAC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_23:*:*:*:*:*:*",
"matchCriteriaId": "40271AA6-B0E7-461D-8903-414FE4E7109D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_24:*:*:*:*:*:*",
"matchCriteriaId": "2231339D-4DF9-43CA-BC63-BD1EE1C17759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_25:*:*:*:*:*:*",
"matchCriteriaId": "A67ACAEB-D1B4-42C7-BEEC-8B5D8AFEBCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_26:*:*:*:*:*:*",
"matchCriteriaId": "342D28DD-2AF4-489F-BAC7-29745C153726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente de Java Runtime Environment en Oracle Java SE JDK y JRE v7, v6 Update 27 y anteriores, y JRockit vR28.1.4 y anteriores permite a usuarios remotos autenticados afectar a la confidencialidad, en relaci\u00f3n sobre JAXWS."
}
],
"id": "CVE-2011-3553",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-10-19T21:55:01.470",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/76512"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/48308"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/50246"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70840"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/76512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14311"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-10-21 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "27BBEF93-7B3E-48C5-84B8-606C6257F020",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*",
"matchCriteriaId": "3CB2A0A4-F70C-4161-9504-781E49925180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*",
"matchCriteriaId": "8D5A88F0-6F37-402F-8153-92B4D4083313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "E5D9CEF0-6DE9-4886-91B9-3AEDD6E5A24E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "5AB1B679-623A-4ADE-B235-A35EFCA0CC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*",
"matchCriteriaId": "9907A48A-6F6A-47C9-86AD-0834E1CB30E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*",
"matchCriteriaId": "63A5916F-9EDC-48E3-A3D3-9BF98CD5BC63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*",
"matchCriteriaId": "4B7E7C40-2A96-45AC-BBB6-1E6C07A466A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*",
"matchCriteriaId": "15C71821-E1E2-4083-92FF-C0FE10443556",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a trav\u00e9s de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4893 y CVE-2015-4911."
}
],
"evaluatorComment": "Per \u003ca href=\"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\"\u003eLINK\u003c/a\u003e: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.",
"id": "CVE-2015-4803",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-10-21T21:59:20.927",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/77200"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-21 03:00
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update105:*:*:*:*:*:*",
"matchCriteriaId": "B0AD78A5-E3C8-4CF1-967C-7F934F9DAFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "4B0EF44A-833C-4B9D-824A-5E0FFFBA8340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*",
"matchCriteriaId": "D6C77242-C6FB-4BED-BA51-E9477D64E311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update105:*:*:*:*:*:*",
"matchCriteriaId": "7CB263D7-6718-4BE2-8423-B25FD727915E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "CB1CAC76-2414-43D0-917D-5C1E60438178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:*",
"matchCriteriaId": "1475C6EC-E2F6-4881-A89E-FB75C1AD1F20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "79B1FE51-77FB-465F-BCF0-7076CBF54BF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u105, 7u91 y 8u66; Java SE Embedded 8u65; y JRockit R28.3.8 permite a atacantes remotos afectar a la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores relacionados con AWT. NOTA: la informaci\u00f3n anterior es de la CPU de Enero de 2016. Oracle no ha comentado sobre las reclamaciones de terceros que esto es desbordamiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n readImage, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos de imagen manipulada."
}
],
"evaluatorComment": "Per Oracle: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.",
"id": "CVE-2016-0483",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2016-01-21T03:00:31.307",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2016/dsa-3458"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2016/dsa-3465"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034715"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2884-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2885-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-032"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2884-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2885-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201610-08"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-19 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| sun | jdk | * | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jre | * | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jdk | * | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jre | * | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jdk | * | |
| sun | jdk | 1.4.2 | |
| sun | jdk | 1.4.2_1 | |
| sun | jdk | 1.4.2_2 | |
| sun | jdk | 1.4.2_3 | |
| sun | jdk | 1.4.2_4 | |
| sun | jdk | 1.4.2_5 | |
| sun | jdk | 1.4.2_6 | |
| sun | jdk | 1.4.2_7 | |
| sun | jdk | 1.4.2_8 | |
| sun | jdk | 1.4.2_9 | |
| sun | jdk | 1.4.2_10 | |
| sun | jdk | 1.4.2_11 | |
| sun | jdk | 1.4.2_12 | |
| sun | jdk | 1.4.2_13 | |
| sun | jdk | 1.4.2_14 | |
| sun | jdk | 1.4.2_15 | |
| sun | jdk | 1.4.2_16 | |
| sun | jdk | 1.4.2_17 | |
| sun | jdk | 1.4.2_18 | |
| sun | jdk | 1.4.2_19 | |
| sun | jdk | 1.4.2_20 | |
| sun | jdk | 1.4.2_21 | |
| sun | jdk | 1.4.2_22 | |
| sun | jdk | 1.4.2_23 | |
| sun | jdk | 1.4.2_24 | |
| sun | jdk | 1.4.2_25 | |
| sun | jdk | 1.4.2_26 | |
| sun | jdk | 1.4.2_27 | |
| sun | jdk | 1.4.2_28 | |
| sun | jdk | 1.4.2_29 | |
| sun | jdk | 1.4.2_30 | |
| sun | jdk | 1.4.2_31 | |
| sun | jdk | 1.4.2_32 | |
| sun | jre | * | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2_1 | |
| sun | jre | 1.4.2_2 | |
| sun | jre | 1.4.2_3 | |
| sun | jre | 1.4.2_4 | |
| sun | jre | 1.4.2_5 | |
| sun | jre | 1.4.2_6 | |
| sun | jre | 1.4.2_7 | |
| sun | jre | 1.4.2_8 | |
| sun | jre | 1.4.2_9 | |
| sun | jre | 1.4.2_10 | |
| sun | jre | 1.4.2_11 | |
| sun | jre | 1.4.2_12 | |
| sun | jre | 1.4.2_13 | |
| sun | jre | 1.4.2_14 | |
| sun | jre | 1.4.2_15 | |
| sun | jre | 1.4.2_16 | |
| sun | jre | 1.4.2_17 | |
| sun | jre | 1.4.2_18 | |
| sun | jre | 1.4.2_19 | |
| sun | jre | 1.4.2_20 | |
| sun | jre | 1.4.2_21 | |
| sun | jre | 1.4.2_22 | |
| sun | jre | 1.4.2_23 | |
| sun | jre | 1.4.2_24 | |
| sun | jre | 1.4.2_25 | |
| sun | jre | 1.4.2_26 | |
| sun | jre | 1.4.2_27 | |
| sun | jre | 1.4.2_28 | |
| sun | jre | 1.4.2_29 | |
| sun | jre | 1.4.2_30 | |
| sun | jre | 1.4.2_31 | |
| sun | jre | 1.4.2_32 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE4B7CD-9510-4EA2-85A0-3266DB0D6082",
"versionEndIncluding": "r28.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update_27:*:*:*:*:*:*",
"matchCriteriaId": "9F67F2BE-367C-4700-AE28-DA082325FF9D",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*",
"matchCriteriaId": "ECEDE405-CEF6-4E52-A8AE-28B9274B2289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_23:*:*:*:*:*:*",
"matchCriteriaId": "B5559C2B-9A93-4EFC-BE31-32C9ADD4D5F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_24:*:*:*:*:*:*",
"matchCriteriaId": "029E1F1D-2A77-4258-9D4F-6D31E827DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_25:*:*:*:*:*:*",
"matchCriteriaId": "0D2F2BE2-3022-4DC9-8505-F597F8CE1192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_26:*:*:*:*:*:*",
"matchCriteriaId": "A44CCE27-EE9F-4A66-B65A-24D015CE2764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update_27:*:*:*:*:*:*",
"matchCriteriaId": "3FB18875-CC4B-49AC-B038-44824BECBB7E",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*",
"matchCriteriaId": "188D2242-7D16-4F8E-AB61-4663804AAC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_23:*:*:*:*:*:*",
"matchCriteriaId": "40271AA6-B0E7-461D-8903-414FE4E7109D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_24:*:*:*:*:*:*",
"matchCriteriaId": "2231339D-4DF9-43CA-BC63-BD1EE1C17759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_25:*:*:*:*:*:*",
"matchCriteriaId": "A67ACAEB-D1B4-42C7-BEEC-8B5D8AFEBCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_26:*:*:*:*:*:*",
"matchCriteriaId": "342D28DD-2AF4-489F-BAC7-29745C153726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update31:*:*:*:*:*:*",
"matchCriteriaId": "3CF9A144-2F2C-4E04-A474-45EE2074B5B9",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
"matchCriteriaId": "646DDCA6-AAC4-4FA8-B9B5-51F88D4C001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "9A75A4C0-6B49-424B-BEC0-0E0AAEF877B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "03555D1A-9470-4227-B843-E6EF91A6BC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E8F98346-B755-4082-B873-21A9792C231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "569BD939-9AF4-4AF0-88F0-1055FBAF2D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "77D6F71D-F584-4920-8143-FEF374CED2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update31:*:*:*:*:*:*",
"matchCriteriaId": "019C8A1B-75CF-4639-BD68-AE431CC356D7",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A54FCC-F062-402B-ABCB-E8421BF5A265",
"versionEndIncluding": "1.4.2_33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E5ACCC-F82F-42F8-860A-92765D0F0B28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9CA652-9B8C-4175-9ED8-71F441ADF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "93B973CB-25CE-4CA4-A4F8-577ED9ACEFEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "00F66ED4-F74A-4F61-B01C-122DC98D5324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "7321A75D-AC6E-486E-8911-AF66A992C8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D70B8B14-B4A2-4D05-B999-E2840A2365E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EDC5EB-2E48-462E-BA0B-217BC470DFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1D44C4-E43A-4D63-A5C9-76E885D3B436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "52E30E1D-2766-4E79-B9C7-7B998E23A49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9872BC-5A24-4855-8D01-4C43BBF5C265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "E94D13A6-E832-4BDF-8AF2-A4E0EF7DCBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5EFE8C-B098-460C-AFE5-C5A938599F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "040AD56D-A0B7-4AF7-AF3D-4B4BD802516D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F7DF1-E117-4FD4-9A63-D05747727D01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "D63DF43C-4781-4E0F-89C4-0BFC841A0488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "6D29842F-2185-46C5-8091-23ECB06CB680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF285D8-6E75-4932-A28B-639DA07F1124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_17:*:*:*:*:*:*:*",
"matchCriteriaId": "817C3737-F625-4EE9-BB5C-D4B624EF0DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_18:*:*:*:*:*:*:*",
"matchCriteriaId": "3A152C0A-65CE-438D-8B53-32D1EFC019F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_19:*:*:*:*:*:*:*",
"matchCriteriaId": "BA8DEFA1-AAA4-4AA2-859F-257B9B4D2B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_20:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D4AA46-B38D-4A80-A36F-979FA1EAB35E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_21:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E3A6C-2C32-40D6-9158-A5C6EDF6634A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_22:*:*:*:*:*:*:*",
"matchCriteriaId": "61D91803-E776-40E9-9038-300CBEDE951E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_23:*:*:*:*:*:*:*",
"matchCriteriaId": "933B79BF-1243-43CC-BD05-23DB0FD51B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_24:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6131D2-AB88-44EB-811C-A860647ED897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_25:*:*:*:*:*:*:*",
"matchCriteriaId": "20E63A14-0C67-42E7-9AA2-9FE32D82E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_26:*:*:*:*:*:*:*",
"matchCriteriaId": "59876E98-38A8-4179-AF7B-2189986CA79B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_27:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AE3C30-E7B7-422F-9E8C-496E12D8E5D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_28:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5D0A7E-3B1A-4FA9-9C6B-4F594DDC94AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_29:*:*:*:*:*:*:*",
"matchCriteriaId": "B07C6273-0863-405F-B086-2102DDE6B119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_30:*:*:*:*:*:*:*",
"matchCriteriaId": "396C5B70-314F-4FBF-BEA8-A254F83F3634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_31:*:*:*:*:*:*:*",
"matchCriteriaId": "1B930117-97F7-4DBC-A801-34B32B6D3374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_32:*:*:*:*:*:*:*",
"matchCriteriaId": "FF500A3A-724D-498F-BC25-E2A0E22D0915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCE2D17-1134-47F0-8A50-05618F7D2DD2",
"versionEndIncluding": "1.4.2_33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63978872-E797-4F13-B0F9-98CB67D0962A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEAB662-644A-4D7B-8237-64142CF48724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9598A49-95F2-42DB-B92C-CD026F739B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "D011585C-0E62-4233-85FA-F29A07D68DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "F226D898-F0E8-41D8-BF40-54DE9FB5426D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE28C283-447A-4F83-B96B-69F96E663C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5187B1-CB86-48E8-A595-9FCFD9822C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "6C660DE4-543A-4E9B-825D-CD099D08CBD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "318719C9-7B01-4021-B2EF-8341254DFE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8FA9BA-51CA-4473-9FE1-9A32FB8C8041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5E64B6-77DA-44BC-B646-AE01041B1830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA35E80-9E0E-4A26-B631-A61542BE4739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEB5367-1BB8-4ED3-8C04-ABA6BAA5AD10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*",
"matchCriteriaId": "BED9E7C8-0418-4733-A496-61CCFD638859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*",
"matchCriteriaId": "6566CE32-E042-424A-893B-C8A9E26E2869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*",
"matchCriteriaId": "B760192E-7193-4FEF-8FFA-680AC89D45A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*",
"matchCriteriaId": "1C020210-8EBA-41D2-BE4A-962CD902857C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_25:*:*:*:*:*:*:*",
"matchCriteriaId": "076444F1-543E-4061-9D39-415A1A889F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_26:*:*:*:*:*:*:*",
"matchCriteriaId": "B29C4AA1-30F8-4AA3-A8B5-4125CF9B66F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_27:*:*:*:*:*:*:*",
"matchCriteriaId": "45BD257F-4310-44C7-A304-2F174FA93C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_28:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7B39AB-4B2E-40A2-9FB9-0E209DC7F24F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_29:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF9D788-1A3A-4988-8C7B-AFF0E81C68CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_30:*:*:*:*:*:*:*",
"matchCriteriaId": "50B3174A-58BB-469D-BB32-D503DBE58832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_31:*:*:*:*:*:*:*",
"matchCriteriaId": "2F82BE05-5170-4F9B-ADE8-935F5BC1BABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_32:*:*:*:*:*:*:*",
"matchCriteriaId": "DD793765-DA0B-422C-BD31-DA48A8F6EC7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE JDK y JRE 6 Update 27 y anteriores, v5.0 Update 31 y anteriores, y v1.4.2_33 y anteriores, y JRockit vR28.1.4 y anteriores, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionado con el Sound."
}
],
"id": "CVE-2011-3545",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-10-19T21:55:01.143",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/48308"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/48692"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/49198"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/50220"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70848"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/49198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14180"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-27 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.8 (Integrity impacts).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6:update_131:*:*:*:*:*:*",
"matchCriteriaId": "B1384D79-F9DA-44C5-A3C9-3CCE627B2255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "92EF1E3B-6EF8-499A-84EA-D7792B181CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "73185AEF-8CB1-4728-9E99-D0D2A3419D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "BEB76EC4-557F-4C67-BE1E-79E837043B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6:update_131:*:*:*:*:*:*",
"matchCriteriaId": "C747C39A-145E-4648-99C2-0A8C7BA77F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "706F9471-3647-4D13-B794-4F53700091F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "1ED8B5A9-E738-430E-9FC6-206DFC98B965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "4AA3E574-DC5D-465B-95B8-CD1AF5433646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1A57E9-0134-466F-B8EE-9E38A844F865",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.8 (Integrity impacts)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Java SE, Java SE Embedded, JRockit de Oracle Java SE (Subcomponente:JAAS). Versiones compatibles que est\u00e1n afectadas son Java SE: 6u131, 7u121 y 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Vulnerabilidad dif\u00edcil de explotar permite a atacantes poco privilegiados con acceso a la red a trav\u00e9s de m\u00faltiples protocolos, comprometer Java SE, Java SE Embedded, JRockit. Ataques exitosos requieren interacci\u00f3n humana de una persona distinta del atacante y mientras la vulnerabilidad est\u00e9 en Java SE, Java SE Embedded, JRockit, los ataques podr\u00edan afectar significativamente a productos adicionales. Ataques exitosos de esta vulnerabilidad pueden resultar en creaci\u00f3n no autorizada, inserci\u00f3n o borrado de acceso a todos los datos accesibles de Java SE, Java SE Embedded, JRockit. Nota: Aplica a la implementaci\u00f3n de cliente y servidor de Java. Esta vulnerabilidad puede ser explotada a trav\u00e9s de aplicaciones Java Web Start y applets Java aislados. Tambi\u00e9n puede ser explotada suministrando datos de APIs en el componente especificado sin utilizar aplicaciones Java Web Start o applets Java aislados, como por ejemplo mediante un servicio web. CVSS v3.0 Base Score 5.8 (Impactos de integridad)."
}
],
"id": "CVE-2017-3252",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-27T22:59:02.693",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95509"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95509"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-24 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6:update_141:*:*:*:*:*:*",
"matchCriteriaId": "D344C52B-BE53-4CA0-A34F-7605F1291FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7:update_131:*:*:*:*:*:*",
"matchCriteriaId": "86A7546D-3372-41CA-9E12-03F93259934A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_121:*:*:*:*:*:*",
"matchCriteriaId": "265E9C6F-F7FD-4F11-A775-D4DFE449DEC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6:update_141:*:*:*:*:*:*",
"matchCriteriaId": "0E710C31-C9F4-46BD-9377-19745C1B6F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7:update_131:*:*:*:*:*:*",
"matchCriteriaId": "2CAB36DB-1322-4979-9F93-C02122E8639C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_121:*:*:*:*:*:*",
"matchCriteriaId": "B40DE6E4-6F3B-4BF8-863A-5D8C4AE07E59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FA90A3B9-9749-44F5-BAFC-40BA2BD37B43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Java SE, Java SE Embedded, JRockit de Oracle Java SE (subcomponente: JAXP). Versiones compatibles que son afectadas son Java SE: 6u141, 7u131 y 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Vulnerabilidad dificil de explotar permite autenticado atacante con acceso a la red a trav\u00e9s de m\u00faltiples protocolos para comprometer Java SE, Java SE Embedded, JRockit. Los ataques exitosos de esta vulnerabilidad pueden resultar en una habilidad no autorizada para causar un bloqueo o un bloqueo repetible con frecuencia (DOS completo) de Java SE, Java SE Embedded, JRockit. Nota: Se aplica a la implementaci\u00f3n de cliente y servidor de Java. Esta vulnerabilidad puede ser explotada a trav\u00e9s de aplicaciones de Java Web Start y de Java. Tambi\u00e9n se puede explotar mediante el suministro de datos a las API en el Componente especificado sin utilizar aplicaciones de Java Web Start en modo recinto de seguridad o complementos de Java protegidos, como a trav\u00e9s de un servicio web.. CVSS 3.0 Base Score 5.9 (Impactos de disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)."
}
],
"id": "CVE-2017-3526",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-24T19:59:03.677",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97733"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201707-01"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| oracle | jre | * | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| oracle | jre | * | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r27.7.1 | |
| oracle | jrockit | r27.7.2 | |
| oracle | jrockit | r27.7.3 | |
| oracle | jrockit | r27.7.4 | |
| oracle | jrockit | r27.7.5 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| oracle | jrockit | r28.1.4 | |
| oracle | jrockit | r28.1.5 | |
| oracle | jrockit | r28.2.2 | |
| oracle | jrockit | r28.2.3 | |
| oracle | jrockit | r28.2.4 | |
| oracle | jrockit | r28.2.5 | |
| oracle | jrockit | r28.2.6 | |
| oracle | jdk | * | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jre | * | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "720419B2-5E62-4FE8-8A0E-A67436E9E3F5",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "47E3CD14-7C90-4ECF-BEB8-BCAD9EB5883B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "56A0449D-E87C-4BAC-AEB3-3C3DBEC1BFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "6559C549-49B6-4784-A30E-605A5632B7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B5802968-A12E-4938-B322-D1002F55D7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "91D354BB-6849-44B9-9E2A-0EEA66E4D9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
"matchCriteriaId": "646DDCA6-AAC4-4FA8-B9B5-51F88D4C001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "9A75A4C0-6B49-424B-BEC0-0E0AAEF877B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "03555D1A-9470-4227-B843-E6EF91A6BC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E8F98346-B755-4082-B873-21A9792C231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "569BD939-9AF4-4AF0-88F0-1055FBAF2D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "77D6F71D-F584-4920-8143-FEF374CED2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "9FEFE472-63A9-4D02-A674-2EFA4C781D25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "15CBCC05-5D20-4672-9BDD-879F8CB933FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "2769B772-C54F-486D-AE21-1EFF237ED5BA",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "CC062AE6-515B-4D40-9B86-46F7A1D7FF1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "B4A2D725-A7DC-4802-A377-5C3963AD9941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "A3C6E1D8-B96E-40FB-9E66-9B3A5325E78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "F08A5AAD-84CA-491F-83D3-CEFFD16212E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A13547EA-EF77-493A-A863-F09E2AEE8BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "B7FC11BE-8CF7-4D45-BB4A-3EFA1DDBB10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "4C061911-FB19-45EB-8E88-7450224F4023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0E8009BC-F5A8-4D00-9F5F-8635475C6065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "480E1DC3-A93D-4566-A87B-0147202273CF",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "CBCCEDA8-1984-4E88-A838-294CD3D12857",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0381EE39-2F60-49FD-A63A-B9E81C9033CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "9AD75455-B7F0-4F42-98E7-CAA43787D606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "3BF0FD06-3953-49AB-A9AA-ACB6883E2D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "62823E8E-99CF-40DB-B43E-CBA4E9A2F916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "FEA04B0D-D4E3-497D-9564-046B1CDA2342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "AD3522AD-6CE5-43A3-A108-FBEEE4C226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B2F3B6EB-694F-44E9-9502-8487DCEC84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "1ED02C60-AD2E-4DAD-89DA-E978B6D6422A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "CAF4D47A-1D98-43B3-B26E-B4AF7F08BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "1F3ECD7D-E0BF-45AB-80FA-9E6EAECF890F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "535FA154-AB3D-449E-94C4-DA2F023A57CD",
"versionEndIncluding": "r27.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C032857-3236-4300-8252-1ECA38C18FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4DFD492-029A-4560-AFC0-56187B0F9E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E78A93E-1600-41CE-A315-E50C00A8A2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422B920-B9E9-4CF6-8BAF-974CDA1ECEF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "63E65735-D861-4FEC-93B8-1769671E8B3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF025086-5D88-4A56-ABFA-1FC2A6DC6060",
"versionEndIncluding": "r28.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "723DE1EC-F44A-4362-B885-835784FA7B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192167A3-A4D7-49D1-B21B-DC064E6CBE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D9DF02-2882-4AFF-AB72-A22C648AAB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5D8200-370E-4428-B124-05E1B1C35DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC02DC7-6076-4BBF-B384-DC02F5FA788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93AB3E3F-7DC6-4196-974F-5E16F404E3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3AAA87-E27E-44E7-9148-37CC05966595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "5DE61035-9270-4CFE-A331-98D9203929F4",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "239B595E-6A76-4F56-BBED-8D3606156CF4",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "97A84689-0CED-404F-8DC3-708BEB37D2CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "738EC3E5-A4EB-47FE-9C9A-7C8E8C669765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "FF56E0D9-612D-4215-9C76-560AE0661A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "BA717604-4BB0-4968-B258-7C9F884016FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "AA71FCF4-580F-432D-AADC-65A2A92CEBC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "F1E1A8F3-5A63-401E-9BDA-ACCA30FF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "5C91517E-4C81-4D09-9FCB-B7AC769C7107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "8B276B96-66BE-4C09-BE9F-11FA7461CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "626E11CA-20EE-4AB0-84D7-8DAE7A9D8960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "FB006563-023B-4AC6-8A27-E41DE59758A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
"matchCriteriaId": "81C2C04D-D4BA-4C87-9609-C53AA63BFF19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la confidenciallidad, integridad y disponibilidad a trav\u00e9s de vectores relacionados con JAXP."
}
],
"evaluatorComment": "Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\n\n\u0027Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.\u0027",
"id": "CVE-2013-5802",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T17:55:05.160",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1019130"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/63135"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1019130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/63135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19207"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JCE). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171, 7u161, 8u152 y 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden resultar en un acceso no autorizado a datos de suma importancia o un acceso completo a todos los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.9 (impactos en la confidencialidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
],
"id": "CVE-2018-2618",
"lastModified": "2024-11-21T04:04:03.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:19.990",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102612"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jrockit | r28.3.16 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| schneider-electric | struxureware_data_center_expert | * | |
| hp | xp_command_view | * | |
| hp | xp_p9000_command_view | * | |
| hp | xp7_command_view | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, y JRockit de Oracle Java SE (subcomponente: Serialization). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171 y 7u161; JRockit: R28.3.16. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE y JRockit. Nota: Esta vulnerabilidad s\u00f3lo puede ser explotada proporcionando datos a las API en los Componentes especificados sin emplear aplicaciones Java Web Start que no son de confianza o applets Java que no son de confianza, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2657",
"lastModified": "2024-11-21T04:04:10.243",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:21.743",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102629"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "A3322D72-6B56-467E-90E5-5DCE0FA1F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "673DD72C-4FC8-406A-A24A-B06DD709649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:phoenixcontact:fl_mguard_dm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8556AADE-54E7-4D1B-A5AB-D37EF3B4962E",
"versionEndIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "212E1878-1B9A-4CB4-A1CE-EAD60B867161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "A692982A-DED0-42C8-BC5B-F25314309F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B92F025C-D612-4A64-B138-E6B4B113B504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Serialization). Las versiones compatibles que se han visto afectadas son JavaSE: 6u151, 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos de esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start en sandbox o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2017-10108",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:03.553",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99846"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:phoenixcontact:fl_mguard_dm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8556AADE-54E7-4D1B-A5AB-D37EF3B4962E",
"versionEndIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Security). Las versiones compatibles que se han visto afectadas son Java SE: 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden resultar en un acceso no autorizado a datos de suma importancia o un acceso completo a todos los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start en sandbox o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 7.5 (impactos en la confidencialidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
],
"id": "CVE-2017-10176",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:05.163",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99788"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-01-21 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| novell | suse_linux_enterprise_desktop | 11.0 | |
| novell | suse_linux_enterprise_server | 12.0 | |
| opensuse | opensuse | 13.2 | |
| redhat | enterprise_linux | 5 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jrockit | r27.8.4 | |
| oracle | jrockit | r28.3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A46AFB60-4775-48A9-81FA-5A54CEDA7625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "8C137033-B58D-47A1-B10E-97E161B9DBB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update85:*:*:*:*:*:*",
"matchCriteriaId": "B47EBED9-2DA8-4282-91B8-4F5BE586078B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "EB2429BA-65AE-4EC5-B6BC-3767651BEC35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*",
"matchCriteriaId": "D95925E1-5761-4CDD-80A0-52939ABF52F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "E87241E0-A296-4CAA-980A-FC572DAEB9F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "49A6100C-86B5-4180-8807-06FB211443AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "8B25BDB2-90A1-40EA-B1EE-CF1B731CE919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update85:*:*:*:*:*:*",
"matchCriteriaId": "A9FE9C93-6AE9-49E7-B908-DF85B21F7247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "36E6A798-78A6-498E-9668-D5D427890E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update72:*:*:*:*:*:*",
"matchCriteriaId": "E40DC6EF-6153-403A-BAA0-4425385F92DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "8A9B64C6-749E-4E98-9ACA-B715A13EA390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "FC4DE6A8-EFB0-480E-863E-BF49823321EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A02772D-DB3D-444B-AA9B-9367BE6FD677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39F11BE8-91C7-40ED-841E-6803E053F65D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25; Java SE Embedded 7u71 y 8u6; y JRockit R27.8.4 y R28.3.4 permite a usuarios locales afectar la integridad y la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Hotspot."
}
],
"evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\n\nApplies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.",
"id": "CVE-2015-0383",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 7.8,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-21T18:59:28.467",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158088.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158791.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158810.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/72155"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1031580"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100148"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158088.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158791.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158810.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "A3322D72-6B56-467E-90E5-5DCE0FA1F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "673DD72C-4FC8-406A-A24A-B06DD709649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:phoenixcontact:fl_mguard_dm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8556AADE-54E7-4D1B-A5AB-D37EF3B4962E",
"versionEndIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "212E1878-1B9A-4CB4-A1CE-EAD60B867161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B92F025C-D612-4A64-B138-E6B4B113B504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JCE). Las versiones compatibles que se han visto afectadas son Java SE: 6u151, 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden resultar en un acceso no autorizado a datos de suma importancia o un acceso completo a todos los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.9 (impactos en la confidencialidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
],
"id": "CVE-2017-10135",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:04.413",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99839"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-10-21 23:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "27BBEF93-7B3E-48C5-84B8-606C6257F020",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*",
"matchCriteriaId": "3CB2A0A4-F70C-4161-9504-781E49925180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*",
"matchCriteriaId": "8D5A88F0-6F37-402F-8153-92B4D4083313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "E5D9CEF0-6DE9-4886-91B9-3AEDD6E5A24E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "5AB1B679-623A-4ADE-B235-A35EFCA0CC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*",
"matchCriteriaId": "9907A48A-6F6A-47C9-86AD-0834E1CB30E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*",
"matchCriteriaId": "63A5916F-9EDC-48E3-A3D3-9BF98CD5BC63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*",
"matchCriteriaId": "4B7E7C40-2A96-45AC-BBB6-1E6C07A466A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*",
"matchCriteriaId": "15C71821-E1E2-4083-92FF-C0FE10443556",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la integridad a trav\u00e9s de vectores desconocidos relacionados con Security."
}
],
"evaluatorComment": "Per \u003ca href=\"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\"\u003eLINK\u003c/a\u003e: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.",
"id": "CVE-2015-4872",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-10-21T23:59:36.253",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/77211"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jre | * | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | * | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| oracle | jrockit | r28.1.4 | |
| oracle | jrockit | r28.1.5 | |
| oracle | jrockit | r28.2.2 | |
| oracle | jrockit | r28.2.3 | |
| oracle | jrockit | r28.2.4 | |
| oracle | jrockit | r28.2.5 | |
| oracle | jrockit | r28.2.6 | |
| oracle | jdk | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| oracle | jre | * | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r27.7.1 | |
| oracle | jrockit | r27.7.2 | |
| oracle | jrockit | r27.7.3 | |
| oracle | jrockit | r27.7.4 | |
| oracle | jrockit | r27.7.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "480E1DC3-A93D-4566-A87B-0147202273CF",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "239B595E-6A76-4F56-BBED-8D3606156CF4",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "97A84689-0CED-404F-8DC3-708BEB37D2CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "738EC3E5-A4EB-47FE-9C9A-7C8E8C669765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "FF56E0D9-612D-4215-9C76-560AE0661A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "BA717604-4BB0-4968-B258-7C9F884016FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "AA71FCF4-580F-432D-AADC-65A2A92CEBC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "F1E1A8F3-5A63-401E-9BDA-ACCA30FF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "5C91517E-4C81-4D09-9FCB-B7AC769C7107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "8B276B96-66BE-4C09-BE9F-11FA7461CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "626E11CA-20EE-4AB0-84D7-8DAE7A9D8960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "FB006563-023B-4AC6-8A27-E41DE59758A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
"matchCriteriaId": "81C2C04D-D4BA-4C87-9609-C53AA63BFF19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF025086-5D88-4A56-ABFA-1FC2A6DC6060",
"versionEndIncluding": "r28.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "723DE1EC-F44A-4362-B885-835784FA7B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192167A3-A4D7-49D1-B21B-DC064E6CBE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D9DF02-2882-4AFF-AB72-A22C648AAB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5D8200-370E-4428-B124-05E1B1C35DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC02DC7-6076-4BBF-B384-DC02F5FA788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93AB3E3F-7DC6-4196-974F-5E16F404E3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3AAA87-E27E-44E7-9148-37CC05966595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "720419B2-5E62-4FE8-8A0E-A67436E9E3F5",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "47E3CD14-7C90-4ECF-BEB8-BCAD9EB5883B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "56A0449D-E87C-4BAC-AEB3-3C3DBEC1BFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "6559C549-49B6-4784-A30E-605A5632B7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B5802968-A12E-4938-B322-D1002F55D7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "91D354BB-6849-44B9-9E2A-0EEA66E4D9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
"matchCriteriaId": "646DDCA6-AAC4-4FA8-B9B5-51F88D4C001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "9A75A4C0-6B49-424B-BEC0-0E0AAEF877B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "03555D1A-9470-4227-B843-E6EF91A6BC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E8F98346-B755-4082-B873-21A9792C231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "569BD939-9AF4-4AF0-88F0-1055FBAF2D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "77D6F71D-F584-4920-8143-FEF374CED2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "9FEFE472-63A9-4D02-A674-2EFA4C781D25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "15CBCC05-5D20-4672-9BDD-879F8CB933FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "CBCCEDA8-1984-4E88-A838-294CD3D12857",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0381EE39-2F60-49FD-A63A-B9E81C9033CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "9AD75455-B7F0-4F42-98E7-CAA43787D606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "3BF0FD06-3953-49AB-A9AA-ACB6883E2D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "62823E8E-99CF-40DB-B43E-CBA4E9A2F916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "FEA04B0D-D4E3-497D-9564-046B1CDA2342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "AD3522AD-6CE5-43A3-A108-FBEEE4C226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B2F3B6EB-694F-44E9-9502-8487DCEC84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "1ED02C60-AD2E-4DAD-89DA-E978B6D6422A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "CAF4D47A-1D98-43B3-B26E-B4AF7F08BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "1F3ECD7D-E0BF-45AB-80FA-9E6EAECF890F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "2769B772-C54F-486D-AE21-1EFF237ED5BA",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "CC062AE6-515B-4D40-9B86-46F7A1D7FF1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "B4A2D725-A7DC-4802-A377-5C3963AD9941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "A3C6E1D8-B96E-40FB-9E66-9B3A5325E78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "F08A5AAD-84CA-491F-83D3-CEFFD16212E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A13547EA-EF77-493A-A863-F09E2AEE8BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "B7FC11BE-8CF7-4D45-BB4A-3EFA1DDBB10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "4C061911-FB19-45EB-8E88-7450224F4023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0E8009BC-F5A8-4D00-9F5F-8635475C6065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "535FA154-AB3D-449E-94C4-DA2F023A57CD",
"versionEndIncluding": "r27.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C032857-3236-4300-8252-1ECA38C18FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4DFD492-029A-4560-AFC0-56187B0F9E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E78A93E-1600-41CE-A315-E50C00A8A2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422B920-B9E9-4CF6-8BAF-974CDA1ECEF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "63E65735-D861-4FEC-93B8-1769671E8B3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, y JRockit R27.7.6 y anteriores que permite a atacantes remotos afectar la confidencialidad y la integridad a trav\u00e9s de vectores desconocidos relacionados con Javadoc."
}
],
"evaluatorComment": "Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\n\n\u0027Applies to sites that run the Javadoc tool as a service and then host the resulting documentation. It is recommended that sites filter HTML where it is not explicitly allowed for javadocs.\u0027",
"id": "CVE-2013-5804",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T17:55:05.287",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/63149"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/63149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19188"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-27 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6:update_131:*:*:*:*:*:*",
"matchCriteriaId": "B1384D79-F9DA-44C5-A3C9-3CCE627B2255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "92EF1E3B-6EF8-499A-84EA-D7792B181CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "73185AEF-8CB1-4728-9E99-D0D2A3419D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "BEB76EC4-557F-4C67-BE1E-79E837043B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6:update_131:*:*:*:*:*:*",
"matchCriteriaId": "C747C39A-145E-4648-99C2-0A8C7BA77F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7:update_121:*:*:*:*:*:*",
"matchCriteriaId": "706F9471-3647-4D13-B794-4F53700091F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_111:*:*:*:*:*:*",
"matchCriteriaId": "1ED8B5A9-E738-430E-9FC6-206DFC98B965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "4AA3E574-DC5D-465B-95B8-CD1AF5433646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1A57E9-0134-466F-B8EE-9E38A844F865",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Java SE, Java SE Embedded, JRockit de Oracle Java SE (subcomponente: RMI). Versiones compatibles que est\u00e1n afectadas son Java SE: 6u131, 7u121 y 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Vulnerabilidad dif\u00edcil de explotar permite a atacante no autenticado con acceso de red a trav\u00e9s de m\u00faltiples protocolos, comprometer Java SE, Java SE Embedded, JRockit. Mientras la vulnerabilidad est\u00e9 en Java SE, Java SE Embedded, JRockit, los ataques podr\u00edan afectar significativamente a productos adicionales. Ataques exitosos de esta vulnerabilidad pueden resultar en la toma de control de Java SE, Java SE Embedded, JRockit. Nota: Esta vulnerabilidad \u00fanicamente puede ser explotada suministrando datos de APIs en el componente especificado sin utilizar aplicaciones Untrusted Java Web Start o applets Untrusted Java, como por ejemplo a trav\u00e9s de un servicio web. CVSS v3.0 Base Score 9.0 (Impactos de Confidencialidad, Integridad y Disponibilidad)."
}
],
"id": "CVE-2017-3241",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-27T22:59:02.333",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/95488"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "secalert_us@oracle.com",
"url": "https://erpscan.io/advisories/erpscan-17-006-oracle-openjdk-java-serialization-dos-vulnerability/"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"source": "secalert_us@oracle.com",
"url": "https://www.exploit-db.com/exploits/41145/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-17-006-oracle-openjdk-java-serialization-dos-vulnerability/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/41145/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-08 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "A3322D72-6B56-467E-90E5-5DCE0FA1F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "C4D0E043-D34F-446D-879B-692E3CF500C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "106E9F69-857A-42F8-A727-2650C896D3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update151:*:*:*:*:*:*",
"matchCriteriaId": "673DD72C-4FC8-406A-A24A-B06DD709649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "363C8E7E-2EEA-4308-A141-854B9EC17AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "595FC4B7-418E-457C-ADCC-0A49A676D629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1FE26D-1936-475A-B644-BBB4281FB5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "BD075607-09B7-493E-8611-66D041FFDA62",
"versionStartIncluding": "7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9CC59D-6182-4B5E-96B5-226FCD343916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "698C6261-679D-45C1-A396-57AC96AD64D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD81527-A341-42C3-9AB9-880D3DB04B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E32A4C2E-3DA6-4BE5-9D95-9F800B01ED9A",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A79A7B7-2CE9-4F5E-B76D-01A882C66226",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "3FA5E22C-489B-4C5F-A5F3-C03F45CA8811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE0A9D2-9A49-4BF6-BC6F-8249162D8334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1E35D95E-CCBF-4335-A4DB-02218BA172DE",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:9.6:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B92F025C-D612-4A64-B138-E6B4B113B504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13270F58-E106-48CE-9933-E68AABBBFC21",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923F6B82-6A8B-4994-89F6-C430775D5234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:6.0:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "2AA40F7F-504D-47A9-9778-EC4CE46EB8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JAX-WS). Las versiones compatibles que se han visto afectadas son JavaSE: 6u151, 7u141 y 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden resultar en un acceso de lectura sin autorizaci\u00f3n de un subconjunto de datos accesibles de Java SE, Java SE Embedded y JRockit. Adem\u00e1s, pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 6.5 (impactos en la confidencialidad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)."
}
],
"id": "CVE-2017-10243",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-08T15:29:07.177",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99827"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/99827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-10-22 00:00
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "27BBEF93-7B3E-48C5-84B8-606C6257F020",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*",
"matchCriteriaId": "3CB2A0A4-F70C-4161-9504-781E49925180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*",
"matchCriteriaId": "8D5A88F0-6F37-402F-8153-92B4D4083313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "E5D9CEF0-6DE9-4886-91B9-3AEDD6E5A24E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "5AB1B679-623A-4ADE-B235-A35EFCA0CC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*",
"matchCriteriaId": "9907A48A-6F6A-47C9-86AD-0834E1CB30E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*",
"matchCriteriaId": "63A5916F-9EDC-48E3-A3D3-9BF98CD5BC63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*",
"matchCriteriaId": "4B7E7C40-2A96-45AC-BBB6-1E6C07A466A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*",
"matchCriteriaId": "15C71821-E1E2-4083-92FF-C0FE10443556",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a trav\u00e9s de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4803 y CVE-2015-4893."
}
],
"id": "CVE-2015-4911",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-10-22T00:00:14.160",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/77209"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| oracle | javafx | * | |
| oracle | javafx | 2.0 | |
| oracle | javafx | 2.0.2 | |
| oracle | javafx | 2.0.3 | |
| oracle | javafx | 2.1 | |
| oracle | javafx | 2.2 | |
| oracle | javafx | 2.2.3 | |
| oracle | javafx | 2.2.4 | |
| oracle | javafx | 2.2.5 | |
| oracle | javafx | 2.2.7 | |
| oracle | javafx | 2.2.21 | |
| oracle | jre | * | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| oracle | jre | * | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| oracle | jrockit | r28.1.4 | |
| oracle | jrockit | r28.1.5 | |
| oracle | jrockit | r28.2.2 | |
| oracle | jrockit | r28.2.3 | |
| oracle | jrockit | r28.2.4 | |
| oracle | jrockit | r28.2.5 | |
| oracle | jrockit | r28.2.6 | |
| oracle | jre | * | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r27.7.1 | |
| oracle | jrockit | r27.7.2 | |
| oracle | jrockit | r27.7.3 | |
| oracle | jrockit | r27.7.4 | |
| oracle | jrockit | r27.7.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "720419B2-5E62-4FE8-8A0E-A67436E9E3F5",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "47E3CD14-7C90-4ECF-BEB8-BCAD9EB5883B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "56A0449D-E87C-4BAC-AEB3-3C3DBEC1BFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "6559C549-49B6-4784-A30E-605A5632B7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B5802968-A12E-4938-B322-D1002F55D7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "91D354BB-6849-44B9-9E2A-0EEA66E4D9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
"matchCriteriaId": "646DDCA6-AAC4-4FA8-B9B5-51F88D4C001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "9A75A4C0-6B49-424B-BEC0-0E0AAEF877B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "03555D1A-9470-4227-B843-E6EF91A6BC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E8F98346-B755-4082-B873-21A9792C231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "569BD939-9AF4-4AF0-88F0-1055FBAF2D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "77D6F71D-F584-4920-8143-FEF374CED2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "9FEFE472-63A9-4D02-A674-2EFA4C781D25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "15CBCC05-5D20-4672-9BDD-879F8CB933FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "CBCCEDA8-1984-4E88-A838-294CD3D12857",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0381EE39-2F60-49FD-A63A-B9E81C9033CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "9AD75455-B7F0-4F42-98E7-CAA43787D606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "3BF0FD06-3953-49AB-A9AA-ACB6883E2D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "62823E8E-99CF-40DB-B43E-CBA4E9A2F916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "FEA04B0D-D4E3-497D-9564-046B1CDA2342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "AD3522AD-6CE5-43A3-A108-FBEEE4C226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B2F3B6EB-694F-44E9-9502-8487DCEC84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "1ED02C60-AD2E-4DAD-89DA-E978B6D6422A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "CAF4D47A-1D98-43B3-B26E-B4AF7F08BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "1F3ECD7D-E0BF-45AB-80FA-9E6EAECF890F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:javafx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "211D20FA-1F11-4B12-9B18-7A9F17CC1984",
"versionEndIncluding": "2.2.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64BDB79F-96E0-43A4-81CD-BADF0B039006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0E861D-AEBC-46EF-8CA6-CF7DE2518DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4477BB-9B0A-4874-9A5B-1B6193DC94E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA3A1CE-1531-426A-A600-4DD6FB63D01A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2179A9-513A-46AA-BC4D-ED988B38650F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F37311B5-5404-435B-BBB6-76DA3EA19730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55CB5B80-C778-456D-8871-CA79DED61078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00472766-CED3-42FD-AD93-811EDBC45790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A2598CD0-B320-4A99-B291-0D901ADCF871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "FAFDCE11-A697-4E2F-A803-41D02CE15917",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "239B595E-6A76-4F56-BBED-8D3606156CF4",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "97A84689-0CED-404F-8DC3-708BEB37D2CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "738EC3E5-A4EB-47FE-9C9A-7C8E8C669765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "FF56E0D9-612D-4215-9C76-560AE0661A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "BA717604-4BB0-4968-B258-7C9F884016FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "AA71FCF4-580F-432D-AADC-65A2A92CEBC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "F1E1A8F3-5A63-401E-9BDA-ACCA30FF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "5C91517E-4C81-4D09-9FCB-B7AC769C7107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "8B276B96-66BE-4C09-BE9F-11FA7461CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "626E11CA-20EE-4AB0-84D7-8DAE7A9D8960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "FB006563-023B-4AC6-8A27-E41DE59758A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
"matchCriteriaId": "81C2C04D-D4BA-4C87-9609-C53AA63BFF19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "480E1DC3-A93D-4566-A87B-0147202273CF",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "5DE61035-9270-4CFE-A331-98D9203929F4",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF025086-5D88-4A56-ABFA-1FC2A6DC6060",
"versionEndIncluding": "r28.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "723DE1EC-F44A-4362-B885-835784FA7B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192167A3-A4D7-49D1-B21B-DC064E6CBE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D9DF02-2882-4AFF-AB72-A22C648AAB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5D8200-370E-4428-B124-05E1B1C35DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC02DC7-6076-4BBF-B384-DC02F5FA788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93AB3E3F-7DC6-4196-974F-5E16F404E3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3AAA87-E27E-44E7-9148-37CC05966595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "2769B772-C54F-486D-AE21-1EFF237ED5BA",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "CC062AE6-515B-4D40-9B86-46F7A1D7FF1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "B4A2D725-A7DC-4802-A377-5C3963AD9941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "A3C6E1D8-B96E-40FB-9E66-9B3A5325E78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "F08A5AAD-84CA-491F-83D3-CEFFD16212E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A13547EA-EF77-493A-A863-F09E2AEE8BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "B7FC11BE-8CF7-4D45-BB4A-3EFA1DDBB10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "4C061911-FB19-45EB-8E88-7450224F4023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0E8009BC-F5A8-4D00-9F5F-8635475C6065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "535FA154-AB3D-449E-94C4-DA2F023A57CD",
"versionEndIncluding": "r27.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C032857-3236-4300-8252-1ECA38C18FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4DFD492-029A-4560-AFC0-56187B0F9E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E78A93E-1600-41CE-A315-E50C00A8A2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422B920-B9E9-4CF6-8BAF-974CDA1ECEF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "63E65735-D861-4FEC-93B8-1769671E8B3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc."
},
{
"lang": "es",
"value": "Vulnerablidad sin especificar en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y JavaFX 2.2.40 y anteriores permite la autenticaci\u00f3n remota de usuarios con la correspondiente afecci\u00f3n de integridad a trav\u00e9s de vectores desconocidos relacionados con Javadoc."
}
],
"evaluatorComment": "Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\n\n\u0027Applies to sites that run the Javadoc tool as a service and then host the resulting documentation. It is recommended that sites filter HTML where it is not explicitly allowed for javadocs.\u0027",
"id": "CVE-2013-5797",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T17:55:05.007",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/63095"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018720"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/63095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18956"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-17 01:31
Modified
2024-11-21 04:05
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 11.0.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 11.0.0 | |
| oracle | jrockit | r28.3.19 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_eus | 7.6 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| hp | xp7_command_view | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "7D8C0DB7-6178-4D70-B460-97A49F012560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE66FC86-ADF3-4295-9C10-2A0AF16A538C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "4ADC2C70-B7C4-49AC-B4CC-C5FC60903F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32548053-521C-4D17-8791-680074D5C55E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "A79CBB94-4DCC-4346-ACB1-00B9E346E811",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "50B5212A-03DC-48D3-8734-7FAA20A48D7F",
"versionEndExcluding": "8.6.3-00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Scripting). Las versiones compatibles que se han visto afectadas son JavaSE: 8u182 y 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Aunque la vulnerabilidad est\u00e1 presente en Java SE, Java SE Embedded y JRockit, los ataques podr\u00edan afectar ligeramente a productos adicionales. Los ataques exitosos a esta vulnerabilidad pueden resultar en la toma de control de Java SE, Java SE Embedded y JRockit. Nota: esta vulnerabilidad se aplica a implementaciones Java, normalmente en clientes que ejecutan aplicaciones Java Web Start en sandbox o applets Java en sandbox (en Java SE 8) que cargan y ejecutan c\u00f3digo que no es de confianza (por ejemplo, c\u00f3digo proveniente de internet) y que conf\u00edan en el sandbox Java para protegerse. Esta vulnerabilidad tambi\u00e9n puede ser explotada mediante API en el componente especificado, por ejemplo, mediante un servicio web que proporciona datos a las API. CVSS 3.0 Base Score 9.0 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."
}
],
"id": "CVE-2018-3183",
"lastModified": "2024-11-21T04:05:21.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-17T01:31:20.683",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/105622"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/105622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-24 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jrockit | r28.3.13 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.3 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.3 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | icedtea | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "8FD0F2F0-F307-4F3A-B719-D658467D6B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*",
"matchCriteriaId": "2BBA8749-EFC2-4055-A8AB-56D660C0BB70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*",
"matchCriteriaId": "34D1F91C-50D2-4D6A-BF4B-1B86F6909565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*",
"matchCriteriaId": "2A34F55B-3945-412E-80BD-23F39B3D68D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*",
"matchCriteriaId": "7C4946FF-E16B-4188-8BEA-1D5ABFBD54DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*",
"matchCriteriaId": "E463AEAC-F5DB-47E4-B863-E5D636895C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FA90A3B9-9749-44F5-BAFC-40BA2BD37B43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B92D4C9E-8707-4E05-B12D-28C1AFCE2637",
"versionEndExcluding": "3.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Java SE, Java SE Embedded, JRockit de Oracle Java SE (subcomponente: Networking). Versiones compatibles que son afectadas son Java SE: 6u141, 7u131 y 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Vulnerabilidad dificil de explotar permite a atacante autenticado con acceso a la red a trav\u00e9s de FTP para comprometer Java SE, Java SE Embedded, JRockit. Los ataques exitosos de esta vulnerabilidad pueden resultar en la actualizaci\u00f3n, inserci\u00f3n o eliminaci\u00f3n de acceso no autorizados a algunos de los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Se aplica a la implementaci\u00f3n de cliente y servidor de Java. Esta vulnerabilidad puede ser explotada a trav\u00e9s de aplicaciones de Java Web Start y de Java. Tambi\u00e9n se puede explotar mediante el suministro de datos a las API en el Componente especificado sin utilizar aplicaciones de Java Web Start en modo recinto de seguridad o complementos de Java protegidos, como a trav\u00e9s de un servicio web.CVSS 3.0 Base Score 3.7 (Impactos de integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
}
],
"id": "CVE-2017-3533",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-24T19:59:03.893",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97740"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201707-01"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-16 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9D903F51-44DE-4931-A904-F54A1ED2FA09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "F734AF76-4CEE-4F9D-AD6A-6BECF1F977CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "464AB16C-B25D-4FCA-AAA2-C6F4CF944628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76:*:*:*:*:*:*",
"matchCriteriaId": "A2C5FA21-4D3B-4739-92A1-B87A1A63F29B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "8348D050-22EF-49AC-960A-ADBA1441FFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update81:*:*:*:*:*:*",
"matchCriteriaId": "83A01BAA-3482-47EA-8C21-E60234ADBFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "E5937109-8325-4D2B-B15E-195833703569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update76:*:*:*:*:*:*",
"matchCriteriaId": "50E5F104-C20F-4E6B-AD70-8FEC1B9A9B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "BB2AF8BC-7643-4CBF-83C0-CA4656AC4FB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u81, 6u91, 7u76, y 8u40, y JRockit R28.3.5, permite a atacantes remotos afectar la confidencialidad a trav\u00e9s de vectores relacionados con JCE."
}
],
"evaluatorComment": "Per Oracle: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. (http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html)",
"id": "CVE-2015-0478",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-16T16:59:32.100",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://advisories.mageia.org/MGASA-2015-0158.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3234"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3235"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/74147"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1032120"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1035517"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2573-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2574-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2015-0158.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2573-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2574-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-11"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-01-21 15:28
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A02772D-DB3D-444B-AA9B-9367BE6FD677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39F11BE8-91C7-40ED-841E-6803E053F65D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "8C137033-B58D-47A1-B10E-97E161B9DBB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update85:*:*:*:*:*:*",
"matchCriteriaId": "B47EBED9-2DA8-4282-91B8-4F5BE586078B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "EB2429BA-65AE-4EC5-B6BC-3767651BEC35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*",
"matchCriteriaId": "D95925E1-5761-4CDD-80A0-52939ABF52F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "E87241E0-A296-4CAA-980A-FC572DAEB9F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "49A6100C-86B5-4180-8807-06FB211443AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "8B25BDB2-90A1-40EA-B1EE-CF1B731CE919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update85:*:*:*:*:*:*",
"matchCriteriaId": "A9FE9C93-6AE9-49E7-B908-DF85B21F7247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "36E6A798-78A6-498E-9668-D5D427890E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update72:*:*:*:*:*:*",
"matchCriteriaId": "E40DC6EF-6153-403A-BAA0-4425385F92DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "8A9B64C6-749E-4E98-9ACA-B715A13EA390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "FC4DE6A8-EFB0-480E-863E-BF49823321EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25; Java SE Embedded 7u71 y 8u6; y JRockit 27.8.4 y 28.3.4 permite a atacantes remotos afectar la confidencialidad e integridad a trav\u00e9s de vectores relacionados con JSSE."
}
],
"evaluatorComment": "Per: \"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\"\n\nApplies to client and server deployment of JSSE.",
"id": "CVE-2014-6593",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-21T15:28:29.337",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://packetstormsecurity.com/files/134251/Java-Secure-Socket-Extension-JSSE-SKIP-TLS.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/72169"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1031580"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "secalert_us@oracle.com",
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474"
},
{
"source": "secalert_us@oracle.com",
"url": "https://www.exploit-db.com/exploits/38641/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/134251/Java-Secure-Socket-Extension-JSSE-SKIP-TLS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/38641/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-19 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 10 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 10 | |
| oracle | jrockit | r28.3.17 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| hp | xp7_command_view | * | |
| schneider-electric | struxureware_data_center_expert | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "5B9A0DD9-878D-42E8-AA57-283E5D1E0A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A396-AF98-46BD-8B73-8CAC02BF12B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "4009C7E0-94C7-4838-94CF-5607D7C575CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0231D6-CA6A-4F76-997A-93AFB840CAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "DD3B3C9B-A53B-4921-8F5F-FF118283D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "038F6540-6674-4D7A-9A70-A62B0F3C9A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "0F88A87F-D142-4FFD-8121-52FC9A4B70E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:10:*:*:*:*:*:*:*",
"matchCriteriaId": "095351DA-F50B-4BAF-A4EF-A9C1F8E40E12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9A13AA87-5F14-4728-B317-17C3A782FA34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "87D4ED85-90F6-47E6-BF08-3595DB22C7B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JMX). Las versiones compatibles que se han visto afectadas son JavaSE: 6u181, 7u171, 8u162 y 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2797",
"lastModified": "2024-11-21T04:04:28.727",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-19T02:29:03.757",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103846"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JNDI). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171, 7u161, 8u152 y 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden resultar en una actualizaci\u00f3n, inserci\u00f3n o borrado de acceso sin autorizaci\u00f3n de datos accesibles de Java SE, Java SE Embedded y JRockit. Adem\u00e1s, pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 4.8 (impactos en la integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)."
}
],
"id": "CVE-2018-2599",
"lastModified": "2024-11-21T04:04:01.047",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:19.087",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102633"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-19 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 10 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 10 | |
| oracle | jrockit | r28.3.17 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| hp | xp7_command_view | * | |
| schneider-electric | struxureware_data_center_expert | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "5B9A0DD9-878D-42E8-AA57-283E5D1E0A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A396-AF98-46BD-8B73-8CAC02BF12B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "4009C7E0-94C7-4838-94CF-5607D7C575CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0231D6-CA6A-4F76-997A-93AFB840CAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "DD3B3C9B-A53B-4921-8F5F-FF118283D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "038F6540-6674-4D7A-9A70-A62B0F3C9A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "0F88A87F-D142-4FFD-8121-52FC9A4B70E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:10:*:*:*:*:*:*:*",
"matchCriteriaId": "095351DA-F50B-4BAF-A4EF-A9C1F8E40E12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9A13AA87-5F14-4728-B317-17C3A782FA34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "87D4ED85-90F6-47E6-BF08-3595DB22C7B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, y JRockit de Oracle Java SE (subcomponente: Security). Las versiones compatibles que se han visto afectadas son JavaSE: 6u181, 7u171, 8u162 y 10; y JRockit: R28.3.17. Esta vulnerabilidad dif\u00edcilmente explotable permite que un atacante no autenticado con inicio de sesi\u00f3n en la infraestructura en la que se ejecutan Java SE y JRockit comprometan la seguridad de Java SE y JRockit. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante y, aunque la vulnerabilidad est\u00e1 presente en Java SE y JRockit, los ataques podr\u00edan afectar seriamente a productos adicionales. Los ataques exitosos a esta vulnerabilidad pueden resultar en la toma de control de Java SE y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 7.7 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"id": "CVE-2018-2794",
"lastModified": "2024-11-21T04:04:28.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-19T02:29:03.600",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103817"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-16 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| canonical | ubuntu_linux | 14.04 | |
| oracle | javafx | 2.2.51 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jrockit | r27.8.1 | |
| oracle | jrockit | r28.3.1 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| ibm | forms_viewer | * | |
| ibm | forms_viewer | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2.51:*:*:*:*:*:*:*",
"matchCriteriaId": "5A346588-E87E-444A-9680-11415FF5B295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "086781C9-08D6-4268-AEB4-F60365F51562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "DDD27C84-32AD-47CC-B47B-7FBA1321E717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "3343969B-2926-4C55-8787-792ABF6429D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F906BFD6-7654-46C5-8240-3A50949CAE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "E80738D2-3CE2-4EB6-AE4C-F90C2C93BFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "78BC97BC-F745-45E0-8749-41535F7C374E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "4DA64EFB-8416-4A0B-91B5-F02CC1A79D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CA226495-4733-485A-9D53-85874434815D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFBC2BA-94F8-4D3B-9C70-3E9FA1F6E0AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81434638-A069-4828-99FD-EEBAC3EB41CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "745E0942-12A9-49B3-851C-ED67F047BCEB",
"versionEndExcluding": "4.0.0.3",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5452C9C6-D761-4E3D-B7CF-C0AC55D08650",
"versionEndExcluding": "8.0.1.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8; JavaFX 2.2.51; y JRockit R27.8.1 y R28.3.1 permite a usuarios autenticados remotamente afectar a la integridad a trav\u00e9s de vectores relacionados con Javadoc.\n"
}
],
"id": "CVE-2014-2398",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-16T01:55:10.337",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59058"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66920"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jre | * | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| oracle | jre | * | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| oracle | jrockit | r28.1.4 | |
| oracle | jrockit | r28.1.5 | |
| oracle | jrockit | r28.2.2 | |
| oracle | jrockit | r28.2.3 | |
| oracle | jrockit | r28.2.4 | |
| oracle | jrockit | r28.2.5 | |
| oracle | jrockit | r28.2.6 | |
| oracle | jre | * | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r27.7.1 | |
| oracle | jrockit | r27.7.2 | |
| oracle | jrockit | r27.7.3 | |
| oracle | jrockit | r27.7.4 | |
| oracle | jrockit | r27.7.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "239B595E-6A76-4F56-BBED-8D3606156CF4",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "97A84689-0CED-404F-8DC3-708BEB37D2CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "738EC3E5-A4EB-47FE-9C9A-7C8E8C669765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "FF56E0D9-612D-4215-9C76-560AE0661A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "BA717604-4BB0-4968-B258-7C9F884016FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "AA71FCF4-580F-432D-AADC-65A2A92CEBC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "F1E1A8F3-5A63-401E-9BDA-ACCA30FF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "5C91517E-4C81-4D09-9FCB-B7AC769C7107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "8B276B96-66BE-4C09-BE9F-11FA7461CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "626E11CA-20EE-4AB0-84D7-8DAE7A9D8960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "FB006563-023B-4AC6-8A27-E41DE59758A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
"matchCriteriaId": "81C2C04D-D4BA-4C87-9609-C53AA63BFF19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "720419B2-5E62-4FE8-8A0E-A67436E9E3F5",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "47E3CD14-7C90-4ECF-BEB8-BCAD9EB5883B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "56A0449D-E87C-4BAC-AEB3-3C3DBEC1BFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "6559C549-49B6-4784-A30E-605A5632B7C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B5802968-A12E-4938-B322-D1002F55D7B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "91D354BB-6849-44B9-9E2A-0EEA66E4D9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
"matchCriteriaId": "646DDCA6-AAC4-4FA8-B9B5-51F88D4C001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "9A75A4C0-6B49-424B-BEC0-0E0AAEF877B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "03555D1A-9470-4227-B843-E6EF91A6BC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E8F98346-B755-4082-B873-21A9792C231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "569BD939-9AF4-4AF0-88F0-1055FBAF2D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "77D6F71D-F584-4920-8143-FEF374CED2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "9FEFE472-63A9-4D02-A674-2EFA4C781D25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "15CBCC05-5D20-4672-9BDD-879F8CB933FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "CBCCEDA8-1984-4E88-A838-294CD3D12857",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0381EE39-2F60-49FD-A63A-B9E81C9033CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "9AD75455-B7F0-4F42-98E7-CAA43787D606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "3BF0FD06-3953-49AB-A9AA-ACB6883E2D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "62823E8E-99CF-40DB-B43E-CBA4E9A2F916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "FEA04B0D-D4E3-497D-9564-046B1CDA2342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "AD3522AD-6CE5-43A3-A108-FBEEE4C226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B2F3B6EB-694F-44E9-9502-8487DCEC84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "1ED02C60-AD2E-4DAD-89DA-E978B6D6422A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "CAF4D47A-1D98-43B3-B26E-B4AF7F08BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "1F3ECD7D-E0BF-45AB-80FA-9E6EAECF890F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update51:*:*:*:*:*:*",
"matchCriteriaId": "2769B772-C54F-486D-AE21-1EFF237ED5BA",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
"matchCriteriaId": "CC062AE6-515B-4D40-9B86-46F7A1D7FF1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "B4A2D725-A7DC-4802-A377-5C3963AD9941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "A3C6E1D8-B96E-40FB-9E66-9B3A5325E78B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "F08A5AAD-84CA-491F-83D3-CEFFD16212E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "A13547EA-EF77-493A-A863-F09E2AEE8BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "B7FC11BE-8CF7-4D45-BB4A-3EFA1DDBB10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "4C061911-FB19-45EB-8E88-7450224F4023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0E8009BC-F5A8-4D00-9F5F-8635475C6065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF025086-5D88-4A56-ABFA-1FC2A6DC6060",
"versionEndIncluding": "r28.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "723DE1EC-F44A-4362-B885-835784FA7B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192167A3-A4D7-49D1-B21B-DC064E6CBE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D9DF02-2882-4AFF-AB72-A22C648AAB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5D8200-370E-4428-B124-05E1B1C35DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC02DC7-6076-4BBF-B384-DC02F5FA788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93AB3E3F-7DC6-4196-974F-5E16F404E3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3AAA87-E27E-44E7-9148-37CC05966595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "480E1DC3-A93D-4566-A87B-0147202273CF",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "5DE61035-9270-4CFE-A331-98D9203929F4",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "535FA154-AB3D-449E-94C4-DA2F023A57CD",
"versionEndIncluding": "r27.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C032857-3236-4300-8252-1ECA38C18FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4DFD492-029A-4560-AFC0-56187B0F9E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E78A93E-1600-41CE-A315-E50C00A8A2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422B920-B9E9-4CF6-8BAF-974CDA1ECEF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "63E65735-D861-4FEC-93B8-1769671E8B3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con 2D."
}
],
"id": "CVE-2013-5782",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T15:55:34.490",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/63103"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/63103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18645"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-19 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | jdk | 1.7.0 | |
| sun | jre | 1.7.0 | |
| oracle | jrockit | * | |
| oracle | jrockit | r28.0.0 | |
| oracle | jrockit | r28.0.1 | |
| oracle | jrockit | r28.0.2 | |
| oracle | jrockit | r28.1.0 | |
| oracle | jrockit | r28.1.1 | |
| oracle | jrockit | r28.1.3 | |
| sun | jdk | * | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jdk | 1.6.0 | |
| sun | jre | * | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jre | 1.6.0 | |
| sun | jdk | * | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jdk | 1.5.0 | |
| sun | jre | * | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jre | 1.5.0 | |
| sun | jdk | * | |
| sun | jdk | 1.4.2 | |
| sun | jdk | 1.4.2_1 | |
| sun | jdk | 1.4.2_2 | |
| sun | jdk | 1.4.2_3 | |
| sun | jdk | 1.4.2_4 | |
| sun | jdk | 1.4.2_5 | |
| sun | jdk | 1.4.2_6 | |
| sun | jdk | 1.4.2_7 | |
| sun | jdk | 1.4.2_8 | |
| sun | jdk | 1.4.2_9 | |
| sun | jdk | 1.4.2_10 | |
| sun | jdk | 1.4.2_11 | |
| sun | jdk | 1.4.2_12 | |
| sun | jdk | 1.4.2_13 | |
| sun | jdk | 1.4.2_14 | |
| sun | jdk | 1.4.2_15 | |
| sun | jdk | 1.4.2_16 | |
| sun | jdk | 1.4.2_17 | |
| sun | jdk | 1.4.2_18 | |
| sun | jdk | 1.4.2_19 | |
| sun | jdk | 1.4.2_20 | |
| sun | jdk | 1.4.2_21 | |
| sun | jdk | 1.4.2_22 | |
| sun | jdk | 1.4.2_23 | |
| sun | jdk | 1.4.2_24 | |
| sun | jdk | 1.4.2_25 | |
| sun | jdk | 1.4.2_26 | |
| sun | jdk | 1.4.2_27 | |
| sun | jdk | 1.4.2_28 | |
| sun | jdk | 1.4.2_29 | |
| sun | jdk | 1.4.2_30 | |
| sun | jdk | 1.4.2_31 | |
| sun | jdk | 1.4.2_32 | |
| sun | jre | * | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2_1 | |
| sun | jre | 1.4.2_2 | |
| sun | jre | 1.4.2_3 | |
| sun | jre | 1.4.2_4 | |
| sun | jre | 1.4.2_5 | |
| sun | jre | 1.4.2_6 | |
| sun | jre | 1.4.2_7 | |
| sun | jre | 1.4.2_8 | |
| sun | jre | 1.4.2_9 | |
| sun | jre | 1.4.2_10 | |
| sun | jre | 1.4.2_11 | |
| sun | jre | 1.4.2_12 | |
| sun | jre | 1.4.2_13 | |
| sun | jre | 1.4.2_14 | |
| sun | jre | 1.4.2_15 | |
| sun | jre | 1.4.2_16 | |
| sun | jre | 1.4.2_17 | |
| sun | jre | 1.4.2_18 | |
| sun | jre | 1.4.2_19 | |
| sun | jre | 1.4.2_20 | |
| sun | jre | 1.4.2_21 | |
| sun | jre | 1.4.2_22 | |
| sun | jre | 1.4.2_23 | |
| sun | jre | 1.4.2_24 | |
| sun | jre | 1.4.2_25 | |
| sun | jre | 1.4.2_26 | |
| sun | jre | 1.4.2_27 | |
| sun | jre | 1.4.2_28 | |
| sun | jre | 1.4.2_29 | |
| sun | jre | 1.4.2_30 | |
| sun | jre | 1.4.2_31 | |
| sun | jre | 1.4.2_32 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "893B13BC-9448-4AFD-BCC4-F289A523949B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD3FC81B-4E54-44D8-8118-1E256FE619E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE4B7CD-9510-4EA2-85A0-3266DB0D6082",
"versionEndIncluding": "r28.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update_27:*:*:*:*:*:*",
"matchCriteriaId": "9F67F2BE-367C-4700-AE28-DA082325FF9D",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*",
"matchCriteriaId": "ECEDE405-CEF6-4E52-A8AE-28B9274B2289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_23:*:*:*:*:*:*",
"matchCriteriaId": "B5559C2B-9A93-4EFC-BE31-32C9ADD4D5F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_24:*:*:*:*:*:*",
"matchCriteriaId": "029E1F1D-2A77-4258-9D4F-6D31E827DF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_25:*:*:*:*:*:*",
"matchCriteriaId": "0D2F2BE2-3022-4DC9-8505-F597F8CE1192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_26:*:*:*:*:*:*",
"matchCriteriaId": "A44CCE27-EE9F-4A66-B65A-24D015CE2764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update_27:*:*:*:*:*:*",
"matchCriteriaId": "3FB18875-CC4B-49AC-B038-44824BECBB7E",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*",
"matchCriteriaId": "188D2242-7D16-4F8E-AB61-4663804AAC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_23:*:*:*:*:*:*",
"matchCriteriaId": "40271AA6-B0E7-461D-8903-414FE4E7109D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_24:*:*:*:*:*:*",
"matchCriteriaId": "2231339D-4DF9-43CA-BC63-BD1EE1C17759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_25:*:*:*:*:*:*",
"matchCriteriaId": "A67ACAEB-D1B4-42C7-BEEC-8B5D8AFEBCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_26:*:*:*:*:*:*",
"matchCriteriaId": "342D28DD-2AF4-489F-BAC7-29745C153726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:update31:*:*:*:*:*:*",
"matchCriteriaId": "3CF9A144-2F2C-4E04-A474-45EE2074B5B9",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02CF738-1B4F-44D0-A618-3D3E4EF1C9B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "EE8E883F-E13D-4FB0-8C6F-B7628600E8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "2AADA633-EB11-49A0-8E40-66589034F03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "19DC29C5-1B9F-46DF-ACF6-3FF93E45777D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*",
"matchCriteriaId": "646DDCA6-AAC4-4FA8-B9B5-51F88D4C001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "B120F7D9-7C1E-4716-B2FA-2990D449F754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "CD61E49F-2A46-4107-BB3F-527079983306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "D900AAE0-6032-4096-AFC2-3D43C55C6C83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "88B0958C-744C-4946-908C-09D2A5FAB120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "C3E7F3CA-FFB3-42B3-A64F-0E38FAF252FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "9A2D8D09-3F18-4E73-81CF-BB589BB8AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "3FD24779-988F-4EC1-AC19-77186B68229E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "4F1E860E-98F2-48FF-B8B3-54D4B58BF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "28BE548B-DD0C-4C58-98CA-5B803F04F9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "505A8F40-7758-412F-8895-FA1B00BE6B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "212F4A5F-87E3-4C62-BA21-46CBBCD8D26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "5C4DFCD2-00A3-4BC7-8842-836CE22C7B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "EB3A0C49-3FF9-4CB7-9E01-F771D4925103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "F7D1BBD4-2F88-4372-B863-BB70753D841B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "9A75A4C0-6B49-424B-BEC0-0E0AAEF877B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "03555D1A-9470-4227-B843-E6EF91A6BC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "E8F98346-B755-4082-B873-21A9792C231B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*",
"matchCriteriaId": "569BD939-9AF4-4AF0-88F0-1055FBAF2D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "77D6F71D-F584-4920-8143-FEF374CED2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5F8E9AA0-8907-4B1A-86A1-08568195217D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "A337AD31-4566-4A4E-AFF3-7EAECD5C90F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "0754AFDC-2F1C-4C06-AB46-457B5E610029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "532CF9DD-0EBB-4B3B-BB9C-A8D78947A790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "DC0ABF7A-107B-4B97-9BD7-7B0CEDAAF359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*",
"matchCriteriaId": "59ED507D-AEF8-4631-A298-8BDA6D6E8CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "A5DA4242-30D9-44C8-9D0D-877348FFA22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "C61C6043-99D0-4F36-AF84-1A5F90B895EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:update31:*:*:*:*:*:*",
"matchCriteriaId": "019C8A1B-75CF-4639-BD68-AE431CC356D7",
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133A7B66-E0B3-4867-A5A4-3C54D6C0C8ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
"matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
"matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
"matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
"matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
"matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
"matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A54FCC-F062-402B-ABCB-E8421BF5A265",
"versionEndIncluding": "1.4.2_33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E5ACCC-F82F-42F8-860A-92765D0F0B28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9CA652-9B8C-4175-9ED8-71F441ADF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "93B973CB-25CE-4CA4-A4F8-577ED9ACEFEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "00F66ED4-F74A-4F61-B01C-122DC98D5324",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "7321A75D-AC6E-486E-8911-AF66A992C8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D70B8B14-B4A2-4D05-B999-E2840A2365E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EDC5EB-2E48-462E-BA0B-217BC470DFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1D44C4-E43A-4D63-A5C9-76E885D3B436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "52E30E1D-2766-4E79-B9C7-7B998E23A49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9872BC-5A24-4855-8D01-4C43BBF5C265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "E94D13A6-E832-4BDF-8AF2-A4E0EF7DCBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5EFE8C-B098-460C-AFE5-C5A938599F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "040AD56D-A0B7-4AF7-AF3D-4B4BD802516D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F7DF1-E117-4FD4-9A63-D05747727D01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "D63DF43C-4781-4E0F-89C4-0BFC841A0488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "6D29842F-2185-46C5-8091-23ECB06CB680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "1FF285D8-6E75-4932-A28B-639DA07F1124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_17:*:*:*:*:*:*:*",
"matchCriteriaId": "817C3737-F625-4EE9-BB5C-D4B624EF0DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_18:*:*:*:*:*:*:*",
"matchCriteriaId": "3A152C0A-65CE-438D-8B53-32D1EFC019F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_19:*:*:*:*:*:*:*",
"matchCriteriaId": "BA8DEFA1-AAA4-4AA2-859F-257B9B4D2B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_20:*:*:*:*:*:*:*",
"matchCriteriaId": "F9D4AA46-B38D-4A80-A36F-979FA1EAB35E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_21:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E3A6C-2C32-40D6-9158-A5C6EDF6634A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_22:*:*:*:*:*:*:*",
"matchCriteriaId": "61D91803-E776-40E9-9038-300CBEDE951E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_23:*:*:*:*:*:*:*",
"matchCriteriaId": "933B79BF-1243-43CC-BD05-23DB0FD51B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_24:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6131D2-AB88-44EB-811C-A860647ED897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_25:*:*:*:*:*:*:*",
"matchCriteriaId": "20E63A14-0C67-42E7-9AA2-9FE32D82E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_26:*:*:*:*:*:*:*",
"matchCriteriaId": "59876E98-38A8-4179-AF7B-2189986CA79B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_27:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AE3C30-E7B7-422F-9E8C-496E12D8E5D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_28:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5D0A7E-3B1A-4FA9-9C6B-4F594DDC94AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_29:*:*:*:*:*:*:*",
"matchCriteriaId": "B07C6273-0863-405F-B086-2102DDE6B119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_30:*:*:*:*:*:*:*",
"matchCriteriaId": "396C5B70-314F-4FBF-BEA8-A254F83F3634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_31:*:*:*:*:*:*:*",
"matchCriteriaId": "1B930117-97F7-4DBC-A801-34B32B6D3374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_32:*:*:*:*:*:*:*",
"matchCriteriaId": "FF500A3A-724D-498F-BC25-E2A0E22D0915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCE2D17-1134-47F0-8A50-05618F7D2DD2",
"versionEndIncluding": "1.4.2_33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63978872-E797-4F13-B0F9-98CB67D0962A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEAB662-644A-4D7B-8237-64142CF48724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9598A49-95F2-42DB-B92C-CD026F739B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*",
"matchCriteriaId": "BED1009E-AE60-43A0-A0F5-38526EFCF423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*",
"matchCriteriaId": "D011585C-0E62-4233-85FA-F29A07D68DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*",
"matchCriteriaId": "F226D898-F0E8-41D8-BF40-54DE9FB5426D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9CCD1-A67D-4800-9EC5-6E1A0B0B76E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE28C283-447A-4F83-B96B-69F96E663C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*",
"matchCriteriaId": "D102063B-2434-4141-98E7-2DE501AE1728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*",
"matchCriteriaId": "03B8CD03-CD31-4F4D-BA90-59435578A4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*",
"matchCriteriaId": "41A994BF-1F64-480A-8AA5-748DDD0AB68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*",
"matchCriteriaId": "88519F2D-AD06-4F05-BEDA-A09216F1B481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*",
"matchCriteriaId": "AC728978-368D-4B36-B149-70473E92BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5187B1-CB86-48E8-A595-9FCFD9822C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*",
"matchCriteriaId": "6C660DE4-543A-4E9B-825D-CD099D08CBD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*",
"matchCriteriaId": "98C1942E-16C0-4EB2-AB57-43EC6EC9C3A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*",
"matchCriteriaId": "318719C9-7B01-4021-B2EF-8341254DFE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8FA9BA-51CA-4473-9FE1-9A32FB8C8041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5E64B6-77DA-44BC-B646-AE01041B1830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA35E80-9E0E-4A26-B631-A61542BE4739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEB5367-1BB8-4ED3-8C04-ABA6BAA5AD10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*",
"matchCriteriaId": "BED9E7C8-0418-4733-A496-61CCFD638859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*",
"matchCriteriaId": "6566CE32-E042-424A-893B-C8A9E26E2869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*",
"matchCriteriaId": "B760192E-7193-4FEF-8FFA-680AC89D45A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*",
"matchCriteriaId": "1C020210-8EBA-41D2-BE4A-962CD902857C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_25:*:*:*:*:*:*:*",
"matchCriteriaId": "076444F1-543E-4061-9D39-415A1A889F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_26:*:*:*:*:*:*:*",
"matchCriteriaId": "B29C4AA1-30F8-4AA3-A8B5-4125CF9B66F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_27:*:*:*:*:*:*:*",
"matchCriteriaId": "45BD257F-4310-44C7-A304-2F174FA93C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_28:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7B39AB-4B2E-40A2-9FB9-0E209DC7F24F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_29:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF9D788-1A3A-4988-8C7B-AFF0E81C68CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_30:*:*:*:*:*:*:*",
"matchCriteriaId": "50B3174A-58BB-469D-BB32-D503DBE58832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_31:*:*:*:*:*:*:*",
"matchCriteriaId": "2F82BE05-5170-4F9B-ADE8-935F5BC1BABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2_32:*:*:*:*:*:*:*",
"matchCriteriaId": "DD793765-DA0B-422C-BD31-DA48A8F6EC7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE JDK y JRE 7, 6 Update 27 y versiones anteriores, 5.0 Update 31 y versiones anteriores, 1.4.2_33 y versiones anteriores y JRockit R28.1.4 y versiones anteriores permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad, relacionada con RMI, una vulnerabilidad diferente a CVE-2011-3556."
}
],
"id": "CVE-2011-3557",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-10-19T21:55:01.643",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/76506"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/48308"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/48692"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/48915"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/48948"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/49198"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/50234"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70836"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/76506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/49198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14373"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*",
"matchCriteriaId": "2755C397-75DF-4110-8C8A-05EFDFFF9BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*",
"matchCriteriaId": "D084DBE9-BF2F-4A9B-8FDE-A9A608E6B40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*",
"matchCriteriaId": "18FB6138-2B3D-4C4B-8647-3D1646165641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*",
"matchCriteriaId": "49B3533A-57B1-4EDA-9434-D75AE837F2C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "914D54AC-EAAE-4A01-BA88-7F245BDA47C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*",
"matchCriteriaId": "33DD9C2A-9C6E-407B-8110-2EC7906DE036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*",
"matchCriteriaId": "88FA3ACA-B2FC-4D9C-B67E-35272514FB84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*",
"matchCriteriaId": "17B87292-EDBB-4D5A-8874-7405F040FAA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*",
"matchCriteriaId": "366E2702-633C-4D4C-ACF8-4CBEC66719F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*",
"matchCriteriaId": "8CFE55B4-9A07-4E88-98AC-8345243AEF79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "228C7B8D-18EE-444A-8067-6C222844FB8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u95, 7u80, y 8u45; JRockit R28.3.6; y Java SE Embedded 7u75 y 8u33, permite a atacantes remotos afectar la confidencialidad a trav\u00e9s de vectores relacionados con JSSE."
}
],
"evaluatorComment": "Per Advisory: \u003ca href=\"http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html\"\u003eApplies to client and server deployment of JSSE.\u003c/a\u003e",
"id": "CVE-2015-2625",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-16T10:59:48.123",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/75895"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-14"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JNDI). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171, 7u161, 8u152 y 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante y, aunque la vulnerabilidad est\u00e1 presente en Java SE, Java SE Embedded y JRockit, los ataques podr\u00edan afectar ligeramente a productos adicionales. Los ataques exitosos de esta vulnerabilidad pueden resultar en la toma de control de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 8.3 (impactos en la confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"id": "CVE-2018-2633",
"lastModified": "2024-11-21T04:04:06.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:20.633",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102557"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-15 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jrockit | * | |
| oracle | jrockit | r26.0 | |
| oracle | jrockit | r26.1 | |
| oracle | jrockit | r26.2 | |
| oracle | jrockit | r26.3 | |
| oracle | jrockit | r26.4 | |
| oracle | jrockit | r27.1 | |
| oracle | jrockit | r27.2 | |
| oracle | jrockit | r27.3 | |
| oracle | jrockit | r27.3.1 | |
| oracle | jrockit | r27.4 | |
| oracle | jrockit | r27.5 | |
| oracle | jrockit | r27.6 | |
| oracle | jrockit | r27.6.0 | |
| oracle | jrockit | r27.6.1 | |
| sun | jdk | 5.0 | |
| sun | jdk | 6 | |
| sun | jre | 1.4.2 | |
| sun | jre | 5.0 | |
| sun | jre | 6 | |
| sun | sdk | 1.4.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9608B08F-67D3-45CA-9F1E-22BB6C02E6D0",
"versionEndIncluding": "r27.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r26.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E83DA137-A2FC-4E0F-B297-7D6FEBEF5FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDC15FE-3C16-433D-9D99-2B82727BD97F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "529D146C-4975-4A15-8818-59BE62202966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r26.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CB064B5E-06B4-48BD-9492-7BBBEDAA9978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r26.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC2BE68-DC4E-4B0B-85FE-27877657827D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4873B9FF-0BA4-45AE-834A-C23AE80A2B48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39274558-2ECB-43CE-BAEF-DBD3AAC1BD05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.3:*:*:*:*:*:*:*",
"matchCriteriaId": "72DA7B82-EC3B-4458-B040-6F9D1AE23DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "267F16DF-D868-4DD9-8670-01AC3CBCE716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.4:*:*:*:*:*:*:*",
"matchCriteriaId": "164B5E91-F21A-4C99-A685-7332A85AF25B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2DD7274B-EA02-49DE-9FA5-40DA26498191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57BCE344-59AF-404B-9BC2-095562754184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2BE6F9-6DAC-47B3-A9B6-10056E1E48F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "44280B48-5ECB-47B2-AE9E-0C6189B01A27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:jdk:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D9B6F3-906D-4CCC-9655-99A1496B1475",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:sun:jdk:6:*:*:*:*:*:*:*",
"matchCriteriaId": "1264A513-5AE3-4F0E-8387-1F75EBAEA241",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63978872-E797-4F13-B0F9-98CB67D0962A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:sun:jre:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3241D774-D0F4-4529-A779-2F4F11813D18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:sun:jre:6:*:*:*:*:*:*:*",
"matchCriteriaId": "2C502FE9-F61F-4316-AA33-B09FA8BA54DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:sun:sdk:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "002CA86D-3090-4C7A-947A-21CB5D1ADD98",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente JRockit de BEA Product Suite R27.6.2 y anteriores, con SDK/JRE v1.4.2, JRE/JDK v5 y JRE/JDK v6; permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2009-1006",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-15T10:30:00.920",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1022059"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-16 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "535FA154-AB3D-449E-94C4-DA2F023A57CD",
"versionEndIncluding": "r27.7.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8C032857-3236-4300-8252-1ECA38C18FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4DFD492-029A-4560-AFC0-56187B0F9E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E78A93E-1600-41CE-A315-E50C00A8A2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C422B920-B9E9-4CF6-8BAF-974CDA1ECEF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "63E65735-D861-4FEC-93B8-1769671E8B3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "480E1DC3-A93D-4566-A87B-0147202273CF",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "CBCCEDA8-1984-4E88-A838-294CD3D12857",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "0381EE39-2F60-49FD-A63A-B9E81C9033CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "9AD75455-B7F0-4F42-98E7-CAA43787D606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "3BF0FD06-3953-49AB-A9AA-ACB6883E2D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "62823E8E-99CF-40DB-B43E-CBA4E9A2F916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "FEA04B0D-D4E3-497D-9564-046B1CDA2342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "AD3522AD-6CE5-43A3-A108-FBEEE4C226B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "B2F3B6EB-694F-44E9-9502-8487DCEC84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "1ED02C60-AD2E-4DAD-89DA-E978B6D6422A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "CAF4D47A-1D98-43B3-B26E-B4AF7F08BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "1F3ECD7D-E0BF-45AB-80FA-9E6EAECF890F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A4FEC7-A4A0-4B5C-A56C-8F80AE19865E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "722A93D8-B5BC-42F3-92A2-E424F61269A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "775F2611-F11C-4B84-8F40-0D034B81BF18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "F20FDD9F-FF45-48BC-9207-54FB02E76071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "9FA326F5-894A-4B01-BCA3-B126DA81CA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "228AB7B4-4BA4-43D4-B562-D438884DB152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "AFD5C688-2103-4D60-979E-D9BE69A989C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "21421215-F722-4207-A2E5-E2DF4B29859B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "BFB9EA23-0EF7-4582-A265-3F5AA9EC81B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C367B418-659E-4627-B1F1-1B1216C99055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "CD5E6D4E-DDDD-4B45-B5E9-F8A916287AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "7358492A-491C-491E-AEDF-63CB82619BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "C3DACAAF-AFDC-4391-9E85-344F30937F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "D98175BF-B084-4FA5-899D-9E80DC3923EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "820632CE-F8DF-47EE-B716-7530E60008B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "FA2BD0A3-7B2D-447B-ABAC-7B867B03B632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "D54AB785-E9B7-47BD-B756-0C3A629D67DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "E9412098-0353-4F7B-9245-010557E6C651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "AD30DAEB-4893-41CF-A455-B69C463B9337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*",
"matchCriteriaId": "21D6CE7E-A036-496C-8E08-A87F62B5290A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*",
"matchCriteriaId": "5DE61035-9270-4CFE-A331-98D9203929F4",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
"matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF025086-5D88-4A56-ABFA-1FC2A6DC6060",
"versionEndIncluding": "r28.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF4A3CEE-CA1A-4381-9C2A-86A08552ECB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4953F74A-EA08-414B-9A5F-0DE7B05C6E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E573D88-D435-4BE0-A439-A6ABE7C990CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5774E87C-9F38-4DB9-9F4F-B88D37BE622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95746A03-C190-409B-9F3F-F3F7F6B3D419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCC0C38-1660-40BF-8708-B0FDF43069FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "723DE1EC-F44A-4362-B885-835784FA7B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192167A3-A4D7-49D1-B21B-DC064E6CBE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D9DF02-2882-4AFF-AB72-A22C648AAB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5D8200-370E-4428-B124-05E1B1C35DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC02DC7-6076-4BBF-B384-DC02F5FA788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93AB3E3F-7DC6-4196-974F-5E16F404E3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5E3AAA87-E27E-44E7-9148-37CC05966595",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update60:*:*:*:*:*:*",
"matchCriteriaId": "239B595E-6A76-4F56-BBED-8D3606156CF4",
"versionEndIncluding": "1.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
"matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
"matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
"matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
"matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
"matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
"matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
"matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
"matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
"matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
"matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
"matchCriteriaId": "97A84689-0CED-404F-8DC3-708BEB37D2CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
"matchCriteriaId": "738EC3E5-A4EB-47FE-9C9A-7C8E8C669765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
"matchCriteriaId": "FF56E0D9-612D-4215-9C76-560AE0661A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
"matchCriteriaId": "BA717604-4BB0-4968-B258-7C9F884016FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
"matchCriteriaId": "AA71FCF4-580F-432D-AADC-65A2A92CEBC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
"matchCriteriaId": "F1E1A8F3-5A63-401E-9BDA-ACCA30FF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
"matchCriteriaId": "5C91517E-4C81-4D09-9FCB-B7AC769C7107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*",
"matchCriteriaId": "8B276B96-66BE-4C09-BE9F-11FA7461CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*",
"matchCriteriaId": "626E11CA-20EE-4AB0-84D7-8DAE7A9D8960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "FB006563-023B-4AC6-8A27-E41DE59758A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCD143C-057D-4F42-B487-46801E14ACF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
"matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
"matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
"matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
"matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
"matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
"matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
"matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
"matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
"matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
"matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
"matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
"matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
"matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
"matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
"matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
"matchCriteriaId": "81C2C04D-D4BA-4C87-9609-C53AA63BFF19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE y anteriores, Java SE 6u60 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la disponibilidad a trav\u00e9s de vectores relacionados con Security."
}
],
"evaluatorComment": "Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\n\n\u0027Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.\u0027",
"id": "CVE-2013-5823",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-16T17:55:05.723",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "secalert_us@oracle.com",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18783"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-21 10:12
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update115:*:*:*:*:*:*",
"matchCriteriaId": "31B36B01-7736-44B7-BFE7-838E07013B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update101:*:*:*:*:*:*",
"matchCriteriaId": "8AEA7244-D1DC-4144-BA69-0488EDD8ABAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "429DC535-FA00-4309-AD75-E79F238A4B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*",
"matchCriteriaId": "95C17CAA-0971-44CB-8A04-F135ACBEFBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update115:*:*:*:*:*:*",
"matchCriteriaId": "F3E80A87-8142-4391-88C9-27FBE20BD9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update101:*:*:*:*:*:*",
"matchCriteriaId": "8AE0C67B-6B6E-4B16-A0EB-4DFBAE83134F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update91:*:*:*:*:*:*",
"matchCriteriaId": "35E4B9B9-917E-4EB1-B8ED-B69D5589A0BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update92:*:*:*:*:*:*",
"matchCriteriaId": "CFC93807-F81D-4F4C-AD4F-3F0A45C36F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "77416A88-9162-4B8B-B5B3-6CF5671FBED2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 6u115, 7u101 y 8u92; Java SE Embedded 8u91 y JRockit R28.3.10 permite a usuarios locales afectar la integridad a trav\u00e9s de vectores relacionados con Networking."
}
],
"id": "CVE-2016-3485",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.4,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-21T10:12:39.663",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00005.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00006.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1036365"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-19 02:29
Modified
2025-05-06 15:15
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 10 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 10 | |
| oracle | jrockit | r28.3.17 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| hp | xp7_command_view | * | |
| schneider-electric | struxureware_data_center_expert | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "F5A7A396-AF98-46BD-8B73-8CAC02BF12B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "4009C7E0-94C7-4838-94CF-5607D7C575CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0231D6-CA6A-4F76-997A-93AFB840CAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "038F6540-6674-4D7A-9A70-A62B0F3C9A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update162:*:*:*:*:*:*",
"matchCriteriaId": "0F88A87F-D142-4FFD-8121-52FC9A4B70E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:10:*:*:*:*:*:*:*",
"matchCriteriaId": "095351DA-F50B-4BAF-A4EF-A9C1F8E40E12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9A13AA87-5F14-4728-B317-17C3A782FA34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "87D4ED85-90F6-47E6-BF08-3595DB22C7B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Concurrency). Las versiones compatibles que se han visto afectadas son JavaSE: 7u171, 8u162 y 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2796",
"lastModified": "2025-05-06T15:15:55.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2018-04-19T02:29:03.693",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103868"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Libraries). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171, 7u161, 8u152 y 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por HTTP comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2018-2603",
"lastModified": "2024-11-21T04:04:01.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:19.287",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102625"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-16 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jrockit | r27.8.1 | |
| oracle | jrockit | r28.3.1 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| canonical | ubuntu_linux | 14.04 | |
| juniper | junos_space | * | |
| oracle | jdk | 1.5.0 | |
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.5.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFBC2BA-94F8-4D3B-9C70-3E9FA1F6E0AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81434638-A069-4828-99FD-EEBAC3EB41CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:junos_space:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B258D4C-2CAA-4493-8C35-E8A641A4FB14",
"versionEndExcluding": "15.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "086781C9-08D6-4268-AEB4-F60365F51562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "DDD27C84-32AD-47CC-B47B-7FBA1321E717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "3343969B-2926-4C55-8787-792ABF6429D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F906BFD6-7654-46C5-8240-3A50949CAE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*",
"matchCriteriaId": "E80738D2-3CE2-4EB6-AE4C-F90C2C93BFE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*",
"matchCriteriaId": "78BC97BC-F745-45E0-8749-41535F7C374E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "4DA64EFB-8416-4A0B-91B5-F02CC1A79D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CA226495-4733-485A-9D53-85874434815D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8; JRockit R27.8.1 y R28.3.1; y Java SE Embedded 7u51 permite a atacantes remotos afectar a la confidencialidad e integridad mediante vectores relacionados con JNDI."
}
],
"id": "CVE-2014-0460",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-16T01:55:09.993",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59022"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59023"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59058"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59071"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59082"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59250"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59255"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59307"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59436"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59516"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59642"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59704"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59705"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59706"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60003"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60111"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60117"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61264"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676315"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66916"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/66916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-18 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "CB929C7D-A5EE-4603-9414-E535408B41A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"matchCriteriaId": "A86C2A04-A51C-403A-AAB5-81872453022D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7283D6DD-DBFA-456F-9381-692B605B5625",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CB56955-1A47-4F6C-A354-8BBAE7534504",
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "DA653F23-232D-4086-B9A4-4D809C87D9F1",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "E92000F8-241D-4731-809F-C1D32F99AF9A",
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: JGSS). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171, 7u161, 8u152 y 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Para que los ataques tengan \u00e9xito, se necesita la participaci\u00f3n de otra persona diferente del atacante. Los ataques exitosos de esta vulnerabilidad pueden resultar en la creaci\u00f3n, eliminaci\u00f3n o modificaci\u00f3n no autorizada de datos confidenciales o de todos los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N)."
}
],
"id": "CVE-2018-2629",
"lastModified": "2024-11-21T04:04:05.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-18T02:29:20.447",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102615"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-19 02:29
Modified
2024-11-21 04:04
Severity ?
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jdk | 1.6.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.6.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jrockit | r28.3.17 | |
| redhat | satellite | 5.6 | |
| redhat | satellite | 5.7 | |
| redhat | satellite | 5.8 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| hp | xp7_command_view | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "5B9A0DD9-878D-42E8-AA57-283E5D1E0A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "A2EB8815-20EE-4A0B-A001-73995114333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update181:*:*:*:*:*:*",
"matchCriteriaId": "DD3B3C9B-A53B-4921-8F5F-FF118283D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"matchCriteriaId": "32F5FDBE-ED30-48A9-B130-A48309C7D2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update152:*:*:*:*:*:*",
"matchCriteriaId": "1988C207-4D9F-4FD2-9652-30CB2C65FE8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9A13AA87-5F14-4728-B317-17C3A782FA34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F86C3C-B99C-44C6-97D7-163DC3F59687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "87D4ED85-90F6-47E6-BF08-3595DB22C7B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)."
},
{
"lang": "es",
"value": "Vulnerabilidad en los componentes Java SE, Java SE Embedded y JRockit de Oracle Java SE (subcomponente: Security). Las versiones compatibles que se han visto afectadas son JavaSE: 6u181, 7u161 y 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Una vulnerabilidad dif\u00edcilmente explotable permite que un atacante sin autenticar que tenga acceso a red por m\u00faltiples protocolos comprometa la seguridad de Java SE, Java SE Embedded y JRockit. Los ataques exitosos a esta vulnerabilidad pueden resultar en el acceso no autorizado a la actualizaci\u00f3n, inserci\u00f3n o supresi\u00f3n de datos confidenciales o de todos los datos accesibles de Java SE, Java SE Embedded y JRockit, as\u00ed como el acceso sin autorizaci\u00f3n a datos confidenciales o todos los datos accesibles de Java SE, Java SE Embedded y JRockit. Nota: Esta vulnerabilidad aplica a la implementaci\u00f3n del cliente y el servidor de Java. Esta vulnerabilidad puede ser explotada mediante aplicaciones Java Web Start en sandbox y applets Java en sandbox. Tambi\u00e9n puede ser explotada proporcionando datos a las API en los componentes especificados sin emplear aplicaciones Java Web Start o applets Java en sandbox, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 7.4 (impactos de confidencialidad e integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)."
}
],
"id": "CVE-2018-2783",
"lastModified": "2024-11-21T04:04:26.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-19T02:29:03.020",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/103832"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/103832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3644-1/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-15 22:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ED5A7D-7C5F-494B-B71F-136FC4F60F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "091F8337-0581-4C70-85F2-4FB68087FE70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update81:*:*:*:*:*:*",
"matchCriteriaId": "A96B7B6D-890C-4CAF-A273-01E17D3FDBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "B3D836B0-936A-445F-A08F-C962FC8B91EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*",
"matchCriteriaId": "6D7DEDD2-FEF2-4FEC-B9BF-C1C3FA247A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*",
"matchCriteriaId": "CE789D26-302F-44CF-AF63-EA0BA73E49E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "A85E8DD9-9B00-4C7E-802D-6E6A1BD3B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "D776872E-A50A-498D-A68B-84DD910ED429",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Oracle Java SE 6u81, 7u67, y 8u20; Java SE Embedded 7u60; y Jrockit R27.8.3 y R28.3.3, permite a atacantes remotos afectar a la confidencialidad a trav\u00e9s de vectores relacionados con JAXP."
}
],
"id": "CVE-2014-6517",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-15T22:55:06.907",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60414"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60416"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60417"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61018"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61020"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61143"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61163"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61164"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61346"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61609"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61629"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61631"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61928"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/70552"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"source": "secalert_us@oracle.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-2799 (GCVE-0-2018-2799)
Vulnerability from cvelistv5
Published
2018-04-19 02:00
Modified
2024-10-03 20:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 7u171 Version: 8u162 Version: 10; Java SE Embedded: 8u161; JRockit: R28.3.17 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:44.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103872",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103872"
},
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"name": "[xmlgraphics-fop-dev] 20191018 [jira] [Created] (FOP-2885) Security Vulnerability with Xerces version \u003c= 2.11",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b53d4601ecd9ec63c799dbe1bc5b78e0d52f4cef429da2dfe63cf06d%40%3Cfop-dev.xmlgraphics.apache.org%3E"
},
{
"name": "[spark-user] 20200224 [SPARK Dependencies] Security Vulnerability with Xerces version \u003c 2.12",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r449b5d89c7b2ba3762584cf6c38e01867d4b24706e023cf2a9911307%40%3Cuser.spark.apache.org%3E"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2799",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:13:15.569832Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:17:55.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 7u171"
},
{
"status": "affected",
"version": "8u162"
},
{
"status": "affected",
"version": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
],
"datePublic": "2018-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-24T18:06:03",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "103872",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103872"
},
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"name": "[xmlgraphics-fop-dev] 20191018 [jira] [Created] (FOP-2885) Security Vulnerability with Xerces version \u003c= 2.11",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/b53d4601ecd9ec63c799dbe1bc5b78e0d52f4cef429da2dfe63cf06d%40%3Cfop-dev.xmlgraphics.apache.org%3E"
},
{
"name": "[spark-user] 20200224 [SPARK Dependencies] Security Vulnerability with Xerces version \u003c 2.12",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r449b5d89c7b2ba3762584cf6c38e01867d4b24706e023cf2a9911307%40%3Cuser.spark.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 7u171"
},
{
"version_affected": "=",
"version_value": "8u162"
},
{
"version_affected": "=",
"version_value": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103872",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103872"
},
{
"name": "RHSA-2018:1278",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "USN-3644-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1721",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E"
},
{
"name": "RHSA-2018:1202",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
},
{
"name": "[xmlgraphics-fop-dev] 20191018 [jira] [Created] (FOP-2885) Security Vulnerability with Xerces version \u003c= 2.11",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b53d4601ecd9ec63c799dbe1bc5b78e0d52f4cef429da2dfe63cf06d@%3Cfop-dev.xmlgraphics.apache.org%3E"
},
{
"name": "[spark-user] 20200224 [SPARK Dependencies] Security Vulnerability with Xerces version \u003c 2.12",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r449b5d89c7b2ba3762584cf6c38e01867d4b24706e023cf2a9911307@%3Cuser.spark.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2799",
"datePublished": "2018-04-19T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:17:55.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0383 (GCVE-0-2015-0383)
Vulnerability from cvelistv5
Published
2015-01-21 18:00
Modified
2024-08-06 04:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.450Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-cpujan2015-cve20150383(100148)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100148"
},
{
"name": "FEDORA-2015-8251",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158810.html"
},
{
"name": "SUSE-SU-2015:0503",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"name": "FEDORA-2015-8226",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158791.html"
},
{
"name": "DSA-3144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "FEDORA-2015-8264",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158088.html"
},
{
"name": "RHSA-2015:0079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "USN-2487-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"name": "RHSA-2015:0085",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"name": "RHSA-2015:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:0336",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"name": "RHSA-2015:0068",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"name": "USN-2486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "GLSA-201507-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101951",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "HPSBUX03281",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"name": "SSRT101968",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"name": "openSUSE-SU-2015:0190",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "HPSBUX03273",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "1031580",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031580"
},
{
"name": "72155",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72155"
},
{
"name": "DSA-3147",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3147"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "oracle-cpujan2015-cve20150383(100148)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100148"
},
{
"name": "FEDORA-2015-8251",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158810.html"
},
{
"name": "SUSE-SU-2015:0503",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"name": "FEDORA-2015-8226",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158791.html"
},
{
"name": "DSA-3144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "FEDORA-2015-8264",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158088.html"
},
{
"name": "RHSA-2015:0079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "USN-2487-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"name": "RHSA-2015:0085",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"name": "RHSA-2015:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:0336",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"name": "RHSA-2015:0068",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"name": "USN-2486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "GLSA-201507-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101951",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "HPSBUX03281",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"name": "SSRT101968",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"name": "openSUSE-SU-2015:0190",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "HPSBUX03273",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "1031580",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031580"
},
{
"name": "72155",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72155"
},
{
"name": "DSA-3147",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3147"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-cpujan2015-cve20150383(100148)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100148"
},
{
"name": "FEDORA-2015-8251",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158810.html"
},
{
"name": "SUSE-SU-2015:0503",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"name": "FEDORA-2015-8226",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158791.html"
},
{
"name": "DSA-3144",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "FEDORA-2015-8264",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158088.html"
},
{
"name": "RHSA-2015:0079",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "USN-2487-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"name": "RHSA-2015:0085",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"name": "RHSA-2015:0086",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:0336",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"name": "RHSA-2015:0068",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"name": "USN-2486-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "GLSA-201507-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101951",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "HPSBUX03281",
"refsource": "HP",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"name": "SSRT101968",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"name": "openSUSE-SU-2015:0190",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "HPSBUX03273",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "1031580",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031580"
},
{
"name": "72155",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72155"
},
{
"name": "DSA-3147",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3147"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0383",
"datePublished": "2015-01-21T18:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5830 (GCVE-0-2013-5830)
Vulnerability from cvelistv5
Published
2013-10-16 17:31
Modified
2024-08-06 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:31.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "63121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63121"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019110"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "oval:org.mitre.oval:def:19096",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19096"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "63121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63121"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019110"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "oval:org.mitre.oval:def:19096",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19096"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "63121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63121"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1019110",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019110"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "oval:org.mitre.oval:def:19096",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19096"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5830",
"datePublished": "2013-10-16T17:31:00",
"dateReserved": "2013-09-18T00:00:00",
"dateUpdated": "2024-08-06T17:22:31.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3544 (GCVE-0-2017-3544)
Vulnerability from cvelistv5
Published
2017-04-24 19:00
Modified
2024-10-07 16:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u141 Version: 7u131 Version: 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:30:57.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "GLSA-201705-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "97745",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97745"
},
{
"name": "RHSA-2017:1220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:1117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "RHSA-2017:1109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "1038286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "RHSA-2017:1118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:1222",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:1119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3544",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T15:44:53.644619Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T16:12:23.501Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u141"
},
{
"status": "affected",
"version": "7u131"
},
{
"status": "affected",
"version": "8u121; Java SE Embedded: 8u121; JRockit: R28.3.13"
}
]
}
],
"datePublic": "2017-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "GLSA-201705-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "97745",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97745"
},
{
"name": "RHSA-2017:1220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:1117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "RHSA-2017:1109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "1038286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "RHSA-2017:1118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:1222",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:1119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u141"
},
{
"version_affected": "=",
"version_value": "7u131"
},
{
"version_affected": "=",
"version_value": "8u121; Java SE Embedded: 8u121; JRockit: R28.3.13"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1221",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "GLSA-201705-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "97745",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97745"
},
{
"name": "RHSA-2017:1220",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:1117",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "RHSA-2017:1109",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "1038286",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "RHSA-2017:1118",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:1222",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:1119",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3544",
"datePublished": "2017-04-24T19:00:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-10-07T16:12:23.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2952 (GCVE-0-2018-2952)
Vulnerability from cvelistv5
Published
2018-07-18 13:00
Modified
2024-10-02 20:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u191 Version: 7u181 Version: 8u172 Version: 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:36:39.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:2254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2254"
},
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"name": "104765",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104765"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "RHSA-2018:2713",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2713"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180726-0001/"
},
{
"name": "RHSA-2018:2242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2242"
},
{
"name": "RHSA-2018:2255",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2255"
},
{
"name": "USN-3747-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3747-1/"
},
{
"name": "RHSA-2018:2575",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2575"
},
{
"name": "RHSA-2018:2256",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2256"
},
{
"name": "RHSA-2018:2576",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2576"
},
{
"name": "RHSA-2018:2241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2241"
},
{
"name": "RHSA-2018:2253",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2253"
},
{
"name": "RHSA-2018:2568",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2568"
},
{
"name": "RHSA-2018:2569",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2569"
},
{
"name": "USN-3735-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3735-1/"
},
{
"name": "RHSA-2018:2712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2712"
},
{
"name": "RHSA-2018:3008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"name": "RHSA-2018:2286",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2286"
},
{
"name": "DSA-4268",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4268"
},
{
"name": "RHSA-2018:2283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2283"
},
{
"name": "1041302",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041302"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03882en_us"
},
{
"name": "USN-3734-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3734-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03928en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2952",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:11:07.777376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T20:14:51.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u191"
},
{
"status": "affected",
"version": "7u181"
},
{
"status": "affected",
"version": "8u172"
},
{
"status": "affected",
"version": "10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18"
}
]
}
],
"datePublic": "2018-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-17T19:06:03",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:2254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2254"
},
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"name": "104765",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104765"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "RHSA-2018:2713",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2713"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180726-0001/"
},
{
"name": "RHSA-2018:2242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2242"
},
{
"name": "RHSA-2018:2255",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2255"
},
{
"name": "USN-3747-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3747-1/"
},
{
"name": "RHSA-2018:2575",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2575"
},
{
"name": "RHSA-2018:2256",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2256"
},
{
"name": "RHSA-2018:2576",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2576"
},
{
"name": "RHSA-2018:2241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2241"
},
{
"name": "RHSA-2018:2253",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2253"
},
{
"name": "RHSA-2018:2568",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2568"
},
{
"name": "RHSA-2018:2569",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2569"
},
{
"name": "USN-3735-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3735-1/"
},
{
"name": "RHSA-2018:2712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2712"
},
{
"name": "RHSA-2018:3008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"name": "RHSA-2018:2286",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2286"
},
{
"name": "DSA-4268",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4268"
},
{
"name": "RHSA-2018:2283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2283"
},
{
"name": "1041302",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041302"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03882en_us"
},
{
"name": "USN-3734-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3734-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03928en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u191"
},
{
"version_affected": "=",
"version_value": "7u181"
},
{
"version_affected": "=",
"version_value": "8u172"
},
{
"version_affected": "=",
"version_value": "10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:2254",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2254"
},
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"name": "104765",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104765"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "RHSA-2018:2713",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2713"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180726-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180726-0001/"
},
{
"name": "RHSA-2018:2242",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2242"
},
{
"name": "RHSA-2018:2255",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2255"
},
{
"name": "USN-3747-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3747-1/"
},
{
"name": "RHSA-2018:2575",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2575"
},
{
"name": "RHSA-2018:2256",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2256"
},
{
"name": "RHSA-2018:2576",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2576"
},
{
"name": "RHSA-2018:2241",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2241"
},
{
"name": "RHSA-2018:2253",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2253"
},
{
"name": "RHSA-2018:2568",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2568"
},
{
"name": "RHSA-2018:2569",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2569"
},
{
"name": "USN-3735-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3735-1/"
},
{
"name": "RHSA-2018:2712",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2712"
},
{
"name": "RHSA-2018:3008",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"name": "RHSA-2018:2286",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2286"
},
{
"name": "DSA-4268",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4268"
},
{
"name": "RHSA-2018:2283",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2283"
},
{
"name": "1041302",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041302"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03882en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03882en_us"
},
{
"name": "USN-3734-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3734-1/"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03928en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03928en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2952",
"datePublished": "2018-07-18T13:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-02T20:14:51.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4000 (GCVE-0-2015-4000)
Vulnerability from cvelistv5
Published
2015-05-21 00:00
Modified
2024-08-06 06:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.725Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2015:1184",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"name": "SUSE-SU-2015:1177",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html"
},
{
"name": "SSRT102180",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"name": "RHSA-2015:1243",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"name": "openSUSE-SU-2015:1229",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html"
},
{
"name": "1033208",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033208"
},
{
"name": "1032637",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032637"
},
{
"name": "HPSBGN03404",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144050121701297\u0026w=2"
},
{
"name": "DSA-3688",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3688"
},
{
"name": "DSA-3287",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"name": "HPSBUX03512",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
},
{
"name": "1032865",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032865"
},
{
"name": "HPSBGN03351",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143557934009303\u0026w=2"
},
{
"name": "SUSE-SU-2015:1268",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html"
},
{
"name": "SUSE-SU-2015:1150",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"name": "1034728",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034728"
},
{
"name": "SUSE-SU-2015:1183",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html"
},
{
"name": "1032656",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032656"
},
{
"name": "RHSA-2016:2056",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"name": "[oss-security] 20150520 CVE-2015-4000 - TLS does not properly convey server\u0027s ciphersuite choice",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2015/05/20/8"
},
{
"name": "openSUSE-SU-2015:1684",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
},
{
"name": "HPSBGN03361",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143628304012255\u0026w=2"
},
{
"name": "HPSBGN03399",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
},
{
"name": "1032475",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032475"
},
{
"name": "1032960",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032960"
},
{
"name": "openSUSE-SU-2016:0255",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html"
},
{
"name": "1032653",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032653"
},
{
"name": "SUSE-SU-2016:0224",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html"
},
{
"name": "1033385",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033385"
},
{
"name": "GLSA-201512-10",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201512-10"
},
{
"name": "RHSA-2015:1229",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "openSUSE-SU-2016:0483",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html"
},
{
"name": "1032864",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032864"
},
{
"name": "1032910",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "1032645",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032645"
},
{
"name": "USN-2706-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "GLSA-201701-46",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"name": "RHSA-2015:1526",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "1033760",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033760"
},
{
"name": "RHSA-2015:1485",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1197",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1197.html"
},
{
"name": "HPSBMU03401",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
},
{
"name": "1032699",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032699"
},
{
"name": "1032476",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032476"
},
{
"name": "1032649",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032649"
},
{
"name": "HPSBMU03345",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
},
{
"name": "HPSBUX03363",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143637549705650\u0026w=2"
},
{
"name": "RHSA-2015:1544",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"name": "FEDORA-2015-9130",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html"
},
{
"name": "SUSE-SU-2015:1182",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"name": "SSRT102112",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196"
},
{
"name": "1032688",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032688"
},
{
"name": "SUSE-SU-2015:1143",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"name": "1032652",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032652"
},
{
"name": "FEDORA-2015-9048",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html"
},
{
"name": "RHSA-2015:1185",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1185.html"
},
{
"name": "HPSBGN03362",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558092609708\u0026w=2"
},
{
"name": "APPLE-SA-2015-06-30-2",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"name": "openSUSE-SU-2015:1289",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "FEDORA-2015-9161",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html"
},
{
"name": "HPSBGN03402",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
},
{
"name": "1032648",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032648"
},
{
"name": "1032759",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032759"
},
{
"name": "RHSA-2015:1228",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "HPSBGN03405",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "1033209",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033209"
},
{
"name": "1032871",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032871"
},
{
"name": "DSA-3324",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3324"
},
{
"name": "1032655",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032655"
},
{
"name": "1033210",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033210"
},
{
"name": "HPSBGN03411",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144061542602287\u0026w=2"
},
{
"name": "openSUSE-SU-2015:1277",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"name": "HPSBGN03533",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145409266329539\u0026w=2"
},
{
"name": "USN-2673-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2673-1"
},
{
"name": "1034884",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034884"
},
{
"name": "HPSBMU03356",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143506486712441\u0026w=2"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "1033064",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033064"
},
{
"name": "SUSE-SU-2015:1181",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"name": "1032778",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032778"
},
{
"name": "1032474",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032474"
},
{
"name": "SSRT102254",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
},
{
"name": "HPSBGN03407",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
},
{
"name": "openSUSE-SU-2015:1209",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html"
},
{
"name": "1032784",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032784"
},
{
"name": "1032777",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032777"
},
{
"name": "1033416",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033416"
},
{
"name": "1033991",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033991"
},
{
"name": "1032647",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032647"
},
{
"name": "1032654",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032654"
},
{
"name": "1033341",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033341"
},
{
"name": "RHSA-2015:1486",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "SUSE-SU-2015:1663",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"name": "1033433",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033433"
},
{
"name": "USN-2696-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "APPLE-SA-2015-06-30-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
},
{
"name": "1032702",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032702"
},
{
"name": "DSA-3339",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "1032727",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032727"
},
{
"name": "RHSA-2015:1242",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"name": "SUSE-SU-2015:1269",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html"
},
{
"name": "GLSA-201506-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:1624",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"name": "openSUSE-SU-2015:1266",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"name": "RHSA-2015:1488",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "1033430",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033430"
},
{
"name": "openSUSE-SU-2015:1288",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "openSUSE-SU-2016:0478",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html"
},
{
"name": "SUSE-SU-2015:1581",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html"
},
{
"name": "HPSBUX03388",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"name": "RHSA-2015:1230",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "74733",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74733"
},
{
"name": "openSUSE-SU-2016:0261",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html"
},
{
"name": "1032651",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032651"
},
{
"name": "1033065",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033065"
},
{
"name": "USN-2656-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2656-1"
},
{
"name": "SUSE-SU-2015:1185",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"name": "1033222",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033222"
},
{
"name": "1036218",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036218"
},
{
"name": "SUSE-SU-2015:1449",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
},
{
"name": "HPSBGN03373",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143655800220052\u0026w=2"
},
{
"name": "1040630",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040630"
},
{
"name": "openSUSE-SU-2015:1139",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"name": "1034087",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034087"
},
{
"name": "1033513",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033513"
},
{
"name": "1032884",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032884"
},
{
"name": "RHSA-2015:1604",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"name": "SUSE-SU-2016:0262",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html"
},
{
"name": "1032932",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032932"
},
{
"name": "1033891",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033891"
},
{
"name": "openSUSE-SU-2016:0226",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html"
},
{
"name": "1032783",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032783"
},
{
"name": "1032856",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032856"
},
{
"name": "NetBSD-SA2015-008",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"
},
{
"name": "DSA-3300",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3300"
},
{
"name": "USN-2656-2",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2656-2"
},
{
"name": "1033067",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033067"
},
{
"name": "1033019",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033019"
},
{
"name": "RHSA-2015:1072",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1072.html"
},
{
"name": "1032650",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032650"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10681"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962739"
},
{
"tags": [
"x_transferred"
],
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10122"
},
{
"tags": [
"x_transferred"
],
"url": "http://support.apple.com/kb/HT204941"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21962816"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959812"
},
{
"tags": [
"x_transferred"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959745"
},
{
"tags": [
"x_transferred"
],
"url": "https://weakdh.org/imperfect-forward-secrecy.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21959132"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959539"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959325"
},
{
"tags": [
"x_transferred"
],
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03831en_us"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21967893"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21958984"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959517"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959195"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961717"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"tags": [
"x_transferred"
],
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959453"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20150619-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959111"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960418"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.suse.com/security/cve/CVE-2015-4000.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722"
},
{
"tags": [
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX201114"
},
{
"tags": [
"x_transferred"
],
"url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960380"
},
{
"tags": [
"x_transferred"
],
"url": "http://support.apple.com/kb/HT204942"
},
{
"tags": [
"x_transferred"
],
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083"
},
{
"tags": [
"x_transferred"
],
"url": "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc"
},
{
"tags": [
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959530"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960191"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959636"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"tags": [
"x_transferred"
],
"url": "https://puppet.com/security/cve/CVE-2015-4000"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX216642"
},
{
"tags": [
"x_transferred"
],
"url": "https://weakdh.org/"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959481"
},
{
"tags": [
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554"
},
{
"tags": [
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962455"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SU-2015:1184",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"name": "SUSE-SU-2015:1177",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html"
},
{
"name": "SSRT102180",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"name": "RHSA-2015:1243",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"name": "openSUSE-SU-2015:1229",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html"
},
{
"name": "1033208",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033208"
},
{
"name": "1032637",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032637"
},
{
"name": "HPSBGN03404",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144050121701297\u0026w=2"
},
{
"name": "DSA-3688",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3688"
},
{
"name": "DSA-3287",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"name": "HPSBUX03512",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
},
{
"name": "1032865",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032865"
},
{
"name": "HPSBGN03351",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143557934009303\u0026w=2"
},
{
"name": "SUSE-SU-2015:1268",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html"
},
{
"name": "SUSE-SU-2015:1150",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"name": "1034728",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1034728"
},
{
"name": "SUSE-SU-2015:1183",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html"
},
{
"name": "1032656",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032656"
},
{
"name": "RHSA-2016:2056",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"name": "[oss-security] 20150520 CVE-2015-4000 - TLS does not properly convey server\u0027s ciphersuite choice",
"tags": [
"mailing-list"
],
"url": "http://openwall.com/lists/oss-security/2015/05/20/8"
},
{
"name": "openSUSE-SU-2015:1684",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
},
{
"name": "HPSBGN03361",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143628304012255\u0026w=2"
},
{
"name": "HPSBGN03399",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
},
{
"name": "1032475",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032475"
},
{
"name": "1032960",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032960"
},
{
"name": "openSUSE-SU-2016:0255",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html"
},
{
"name": "1032653",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032653"
},
{
"name": "SUSE-SU-2016:0224",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html"
},
{
"name": "1033385",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033385"
},
{
"name": "GLSA-201512-10",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/201512-10"
},
{
"name": "RHSA-2015:1229",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "openSUSE-SU-2016:0483",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html"
},
{
"name": "1032864",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032864"
},
{
"name": "1032910",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "1032645",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032645"
},
{
"name": "USN-2706-1",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "GLSA-201701-46",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"name": "RHSA-2015:1526",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "1033760",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033760"
},
{
"name": "RHSA-2015:1485",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1197",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1197.html"
},
{
"name": "HPSBMU03401",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
},
{
"name": "1032699",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032699"
},
{
"name": "1032476",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032476"
},
{
"name": "1032649",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032649"
},
{
"name": "HPSBMU03345",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
},
{
"name": "HPSBUX03363",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143637549705650\u0026w=2"
},
{
"name": "RHSA-2015:1544",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"name": "FEDORA-2015-9130",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html"
},
{
"name": "SUSE-SU-2015:1182",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"name": "SSRT102112",
"tags": [
"vendor-advisory"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196"
},
{
"name": "1032688",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032688"
},
{
"name": "SUSE-SU-2015:1143",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"name": "1032652",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032652"
},
{
"name": "FEDORA-2015-9048",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html"
},
{
"name": "RHSA-2015:1185",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1185.html"
},
{
"name": "HPSBGN03362",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143558092609708\u0026w=2"
},
{
"name": "APPLE-SA-2015-06-30-2",
"tags": [
"vendor-advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"name": "openSUSE-SU-2015:1289",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "FEDORA-2015-9161",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html"
},
{
"name": "HPSBGN03402",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
},
{
"name": "1032648",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032648"
},
{
"name": "1032759",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032759"
},
{
"name": "RHSA-2015:1228",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "HPSBGN03405",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "1033209",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033209"
},
{
"name": "1032871",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032871"
},
{
"name": "DSA-3324",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3324"
},
{
"name": "1032655",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032655"
},
{
"name": "1033210",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033210"
},
{
"name": "HPSBGN03411",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144061542602287\u0026w=2"
},
{
"name": "openSUSE-SU-2015:1277",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"name": "HPSBGN03533",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145409266329539\u0026w=2"
},
{
"name": "USN-2673-1",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2673-1"
},
{
"name": "1034884",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1034884"
},
{
"name": "HPSBMU03356",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143506486712441\u0026w=2"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "1033064",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033064"
},
{
"name": "SUSE-SU-2015:1181",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"name": "1032778",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032778"
},
{
"name": "1032474",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032474"
},
{
"name": "SSRT102254",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
},
{
"name": "HPSBGN03407",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
},
{
"name": "openSUSE-SU-2015:1209",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html"
},
{
"name": "1032784",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032784"
},
{
"name": "1032777",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032777"
},
{
"name": "1033416",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033416"
},
{
"name": "1033991",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033991"
},
{
"name": "1032647",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032647"
},
{
"name": "1032654",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032654"
},
{
"name": "1033341",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033341"
},
{
"name": "RHSA-2015:1486",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "SUSE-SU-2015:1663",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html"
},
{
"name": "1033433",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033433"
},
{
"name": "USN-2696-1",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "APPLE-SA-2015-06-30-1",
"tags": [
"vendor-advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
},
{
"name": "1032702",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032702"
},
{
"name": "DSA-3339",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "1032727",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032727"
},
{
"name": "RHSA-2015:1242",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"name": "SUSE-SU-2015:1269",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html"
},
{
"name": "GLSA-201506-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"name": "91787",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:1624",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1624.html"
},
{
"name": "openSUSE-SU-2015:1266",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"name": "RHSA-2015:1488",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "1033430",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033430"
},
{
"name": "openSUSE-SU-2015:1288",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "openSUSE-SU-2016:0478",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html"
},
{
"name": "SUSE-SU-2015:1581",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html"
},
{
"name": "HPSBUX03388",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143880121627664\u0026w=2"
},
{
"name": "RHSA-2015:1230",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "74733",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/74733"
},
{
"name": "openSUSE-SU-2016:0261",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html"
},
{
"name": "1032651",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032651"
},
{
"name": "1033065",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033065"
},
{
"name": "USN-2656-1",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2656-1"
},
{
"name": "SUSE-SU-2015:1185",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"name": "1033222",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033222"
},
{
"name": "1036218",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1036218"
},
{
"name": "SUSE-SU-2015:1449",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
},
{
"name": "HPSBGN03373",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143655800220052\u0026w=2"
},
{
"name": "1040630",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1040630"
},
{
"name": "openSUSE-SU-2015:1139",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"name": "1034087",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1034087"
},
{
"name": "1033513",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033513"
},
{
"name": "1032884",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032884"
},
{
"name": "RHSA-2015:1604",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"name": "SUSE-SU-2016:0262",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html"
},
{
"name": "1032932",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032932"
},
{
"name": "1033891",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033891"
},
{
"name": "openSUSE-SU-2016:0226",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html"
},
{
"name": "1032783",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032783"
},
{
"name": "1032856",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032856"
},
{
"name": "NetBSD-SA2015-008",
"tags": [
"vendor-advisory"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"
},
{
"name": "DSA-3300",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3300"
},
{
"name": "USN-2656-2",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2656-2"
},
{
"name": "1033067",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033067"
},
{
"name": "1033019",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1033019"
},
{
"name": "RHSA-2015:1072",
"tags": [
"vendor-advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1072.html"
},
{
"name": "1032650",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1032650"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10681"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962739"
},
{
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403"
},
{
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10122"
},
{
"url": "http://support.apple.com/kb/HT204941"
},
{
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21962816"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959812"
},
{
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21959745"
},
{
"url": "https://weakdh.org/imperfect-forward-secrecy.pdf"
},
{
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21959132"
},
{
"url": "https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959539"
},
{
"url": "https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959325"
},
{
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778"
},
{
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03831en_us"
},
{
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"
},
{
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21967893"
},
{
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21958984"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959517"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959195"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21961717"
},
{
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959453"
},
{
"url": "https://security.netapp.com/advisory/ntap-20150619-0001/"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959111"
},
{
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960418"
},
{
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
},
{
"url": "https://www.suse.com/security/cve/CVE-2015-4000.html"
},
{
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722"
},
{
"url": "http://support.citrix.com/article/CTX201114"
},
{
"url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery"
},
{
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960380"
},
{
"url": "http://support.apple.com/kb/HT204942"
},
{
"url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083"
},
{
"url": "http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959530"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960191"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959636"
},
{
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"url": "https://puppet.com/security/cve/CVE-2015-4000"
},
{
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-70.html"
},
{
"url": "http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm"
},
{
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
},
{
"url": "https://support.citrix.com/article/CTX216642"
},
{
"url": "https://weakdh.org/"
},
{
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959481"
},
{
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138554"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962455"
},
{
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"url": "http://www.fortiguard.com/advisory/2015-05-20-logjam-attack"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4000",
"datePublished": "2015-05-21T00:00:00",
"dateReserved": "2015-05-15T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2796 (GCVE-0-2018-2796)
Vulnerability from cvelistv5
Published
2018-04-19 02:00
Modified
2025-05-06 14:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 7u171 Version: 8u162 Version: 10; Java SE Embedded: 8u161; JRockit: R28.3.17 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:44.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "103868",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103868"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-2796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:35.043479Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T14:59:14.846Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 7u171"
},
{
"status": "affected",
"version": "8u162"
},
{
"status": "affected",
"version": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
],
"datePublic": "2018-03-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-20T00:06:06.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "103868",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103868"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2796",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 7u171"
},
{
"version_affected": "=",
"version_value": "8u162"
},
{
"version_affected": "=",
"version_value": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1278",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "103868",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103868"
},
{
"name": "DSA-4225",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "USN-3644-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1721",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2796",
"datePublished": "2018-04-19T02:00:00.000Z",
"dateReserved": "2017-12-15T00:00:00.000Z",
"dateUpdated": "2025-05-06T14:59:14.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10281 (GCVE-0-2017-10281)
Vulnerability from cvelistv5
Published
2017-10-19 17:00
Modified
2024-10-04 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u161 Version: 7u151 Version: 8u144 Version: 9; Java SE Embedded: 8u144; JRockit: R28.3.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "101378",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101378"
},
{
"name": "1039596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "RHSA-2017:3264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10281",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:35:40.396884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T16:55:34.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u161"
},
{
"status": "affected",
"version": "7u151"
},
{
"status": "affected",
"version": "8u144"
},
{
"status": "affected",
"version": "9; Java SE Embedded: 8u144; JRockit: R28.3.15"
}
]
}
],
"datePublic": "2017-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "101378",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101378"
},
{
"name": "1039596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "RHSA-2017:3264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u161"
},
{
"version_affected": "=",
"version_value": "7u151"
},
{
"version_affected": "=",
"version_value": "8u144"
},
{
"version_affected": "=",
"version_value": "9; Java SE Embedded: 8u144; JRockit: R28.3.15"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:3047",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "101378",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101378"
},
{
"name": "1039596",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "RHSA-2017:3264",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171019-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10281",
"datePublished": "2017-10-19T17:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T16:55:34.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2783 (GCVE-0-2018-2783)
Vulnerability from cvelistv5
Published
2018-04-19 02:00
Modified
2024-10-03 20:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:44.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "103832",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103832"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2783",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:20:39.941493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:19:22.002Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-20T00:06:05",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "103832",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103832"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2783",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "1040697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "103832",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103832"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2783",
"datePublished": "2018-04-19T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:19:22.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10243 (GCVE-0-2017-10243)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 17:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u151 Version: 7u141 Version: 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "99827",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99827"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:36:17.006654Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T17:05:27.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u151"
},
{
"status": "affected",
"version": "7u141"
},
{
"status": "affected",
"version": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "99827",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99827"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10243",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u151"
},
{
"version_affected": "=",
"version_value": "7u141"
},
{
"version_affected": "=",
"version_value": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170720-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "RHSA-2017:2424",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "99827",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99827"
},
{
"name": "RHSA-2017:2481",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10243",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T17:05:27.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0475 (GCVE-0-2016-0475)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:22:55.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1034715",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034715"
},
{
"name": "GLSA-201610-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "RHSA-2016:0049",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148"
},
{
"name": "SUSE-SU-2016:0256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"name": "RHSA-2016:0055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"name": "RHSA-2016:0050",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "1034715",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034715"
},
{
"name": "GLSA-201610-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "RHSA-2016:0049",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148"
},
{
"name": "SUSE-SU-2016:0256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"name": "RHSA-2016:0055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"name": "RHSA-2016:0050",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0475",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034715",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034715"
},
{
"name": "GLSA-201610-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "RHSA-2016:0049",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148"
},
{
"name": "SUSE-SU-2016:0256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"name": "RHSA-2016:0055",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"name": "RHSA-2016:0050",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-0475",
"datePublished": "2016-01-21T02:00:00",
"dateReserved": "2015-12-09T00:00:00",
"dateUpdated": "2024-08-05T22:22:55.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4002 (GCVE-0-2013-4002)
Vulnerability from cvelistv5
Published
2013-07-23 10:00
Modified
2024-08-06 16:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IC98015",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
},
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2015:0765",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "RHSA-2015:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"name": "61310",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61310"
},
{
"name": "RHSA-2015:0773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
},
{
"name": "RHSA-2015:0720",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "RHSA-2014:1822",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
},
{
"name": "56257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56257"
},
{
"name": "SUSE-SU-2013:1263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "RHSA-2014:1823",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "SUSE-SU-2013:1293",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"name": "SUSE-SU-2013:1255",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "RHSA-2014:1818",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
},
{
"name": "RHSA-2014:1821",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
},
{
"name": "SUSE-SU-2013:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"name": "ibm-java-cve20134002-dos(85260)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T23:19:06",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IC98015",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
},
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2015:0765",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "RHSA-2015:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"name": "61310",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61310"
},
{
"name": "RHSA-2015:0773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
},
{
"name": "RHSA-2015:0720",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "RHSA-2014:1822",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
},
{
"name": "56257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56257"
},
{
"name": "SUSE-SU-2013:1263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "RHSA-2014:1823",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "SUSE-SU-2013:1293",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"name": "SUSE-SU-2013:1255",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "RHSA-2014:1818",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
},
{
"name": "RHSA-2014:1821",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
},
{
"name": "SUSE-SU-2013:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"name": "ibm-java-cve20134002-dos(85260)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-4002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IC98015",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
},
{
"name": "RHSA-2013:1060",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2015:0765",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "RHSA-2015:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"name": "61310",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61310"
},
{
"name": "RHSA-2015:0773",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
},
{
"name": "RHSA-2015:0720",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"name": "SUSE-SU-2013:1257",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "SUSE-SU-2013:1256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "RHSA-2014:1822",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
},
{
"name": "56257",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56257"
},
{
"name": "SUSE-SU-2013:1263",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "RHSA-2014:1823",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "SUSE-SU-2013:1293",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E"
},
{
"name": "SUSE-SU-2013:1255",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "RHSA-2014:1818",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
},
{
"name": "RHSA-2014:1821",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
},
{
"name": "SUSE-SU-2013:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"name": "ibm-java-cve20134002-dos(85260)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21648172",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
},
{
"name": "https://issues.apache.org/jira/browse/XERCESJ-1679",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
},
{
"name": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
"refsource": "MISC",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-4002",
"datePublished": "2013-07-23T10:00:00",
"dateReserved": "2013-06-07T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3514 (GCVE-0-2017-3514)
Vulnerability from cvelistv5
Published
2017-04-24 19:00
Modified
2024-10-04 19:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE.
Summary
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u141 Version: 7u131 Version: 8u121 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:30:57.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201705-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "97729",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97729"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "1038286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3514",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T16:22:48.259520Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:25:32.456Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u141"
},
{
"status": "affected",
"version": "7u131"
},
{
"status": "affected",
"version": "8u121"
}
]
}
],
"datePublic": "2017-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "GLSA-201705-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "97729",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97729"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "1038286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u141"
},
{
"version_affected": "=",
"version_value": "7u131"
},
{
"version_affected": "=",
"version_value": "8u121"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201705-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "97729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97729"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "1038286",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3514",
"datePublished": "2017-04-24T19:00:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-10-04T19:25:32.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4749 (GCVE-0-2015-4749)
Vulnerability from cvelistv5
Published
2015-07-16 10:00
Modified
2024-08-06 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:25:21.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75890",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75890"
},
{
"name": "RHSA-2015:1243",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "RHSA-2015:1229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "RHSA-2015:1486",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "DSA-3339",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "RHSA-2015:1488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "RHSA-2015:1604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "75890",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75890"
},
{
"name": "RHSA-2015:1243",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "RHSA-2015:1229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "RHSA-2015:1486",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "DSA-3339",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "RHSA-2015:1488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "RHSA-2015:1604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4749",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75890",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75890"
},
{
"name": "RHSA-2015:1243",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "RHSA-2015:1229",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1544",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "RHSA-2015:1486",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "DSA-3339",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "RHSA-2015:1488",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "RHSA-2015:1604",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-4749",
"datePublished": "2015-07-16T10:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:25:21.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0429 (GCVE-0-2014-0429)
Vulnerability from cvelistv5
Published
2014-04-15 22:00
Modified
2024-08-06 09:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:10.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "66856",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66856"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59058"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "58974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58974"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "66856",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66856"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59058"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "58974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58974"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-0429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2187-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21675973",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "66856",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66856"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59058"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "58974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58974"
},
{
"name": "DSA-2912",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-0429",
"datePublished": "2014-04-15T22:00:00",
"dateReserved": "2013-12-12T00:00:00",
"dateUpdated": "2024-08-06T09:13:10.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2633 (GCVE-0-2018-2633)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161 Version: 8u152 Version: 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102557",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102557"
},
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:19:49.941421Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:39:17.310Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161"
},
{
"status": "affected",
"version": "8u152"
},
{
"status": "affected",
"version": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "102557",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102557"
},
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161"
},
{
"version_affected": "=",
"version_value": "8u152"
},
{
"version_affected": "=",
"version_value": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102557",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102557"
},
{
"name": "RHSA-2018:0351",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2633",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:39:17.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3202 (GCVE-0-2012-3202)
Vulnerability from cvelistv5
Published
2012-10-17 00:00
Modified
2024-08-06 19:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this overlaps CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:57:50.313Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56050",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56050"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this overlaps CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-01T10:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "56050",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56050"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-3202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this overlaps CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56050",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56050"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2012-3202",
"datePublished": "2012-10-17T00:00:00",
"dateReserved": "2012-06-06T00:00:00",
"dateUpdated": "2024-08-06T19:57:50.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10355 (GCVE-0-2017-10355)
Vulnerability from cvelistv5
Published
2017-10-19 17:00
Modified
2024-10-04 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u161 Version: 7u151 Version: 8u144 Version: 9; Java SE Embedded: 8u144; JRockit: R28.3.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:41:55.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "RHSA-2017:3264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "101369",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101369"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:35:22.324398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T16:48:32.115Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u161"
},
{
"status": "affected",
"version": "7u151"
},
{
"status": "affected",
"version": "8u144"
},
{
"status": "affected",
"version": "9; Java SE Embedded: 8u144; JRockit: R28.3.15"
}
]
}
],
"datePublic": "2017-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "RHSA-2017:3264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "101369",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101369"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u161"
},
{
"version_affected": "=",
"version_value": "7u151"
},
{
"version_affected": "=",
"version_value": "8u144"
},
{
"version_affected": "=",
"version_value": "9; Java SE Embedded: 8u144; JRockit: R28.3.15"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:3047",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "RHSA-2017:3264",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171019-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "101369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101369"
},
{
"name": "RHSA-2017:2999",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10355",
"datePublished": "2017-10-19T17:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T16:48:32.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10115 (GCVE-0-2017-10115)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 19:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u151 Version: 7u141 Version: 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "99774",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99774"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10115",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:36:48.371666Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:02:31.369Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u151"
},
{
"status": "affected",
"version": "7u141"
},
{
"status": "affected",
"version": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "99774",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99774"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10115",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u151"
},
{
"version_affected": "=",
"version_value": "7u141"
},
{
"version_affected": "=",
"version_value": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170720-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-002",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "99774",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99774"
},
{
"name": "RHSA-2017:2424",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10115",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T19:02:31.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5802 (GCVE-0-2013-5802)
Vulnerability from cvelistv5
Published
2013-10-16 17:31
Modified
2024-08-06 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:31.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "oval:org.mitre.oval:def:19207",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19207"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1019130"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "63135",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63135"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "oval:org.mitre.oval:def:19207",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19207"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1019130"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "63135",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63135"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "oval:org.mitre.oval:def:19207",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19207"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1019130",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1019130"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "63135",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63135"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5802",
"datePublished": "2013-10-16T17:31:00",
"dateReserved": "2013-09-18T00:00:00",
"dateUpdated": "2024-08-06T17:22:31.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10176 (GCVE-0-2017-10176)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 17:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 7u141 Version: 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "99788",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99788"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10176",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:36:31.501312Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T17:12:17.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 7u141"
},
{
"status": "affected",
"version": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "99788",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99788"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 7u141"
},
{
"version_affected": "=",
"version_value": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170720-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-002",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "99788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99788"
},
{
"name": "1038931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "GLSA-201709-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10176",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T17:12:17.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0453 (GCVE-0-2014-0453)
Vulnerability from cvelistv5
Published
2014-04-16 01:00
Modified
2024-08-06 09:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:10.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
},
{
"name": "59022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59022"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750"
},
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "59324",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59324"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610"
},
{
"name": "59733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59733"
},
{
"name": "61050",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61050"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "61264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61264"
},
{
"name": "59194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59194"
},
{
"name": "60498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60498"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
},
{
"name": "59436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59436"
},
{
"name": "59653",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59653"
},
{
"name": "59071",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59071"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "66914",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66914"
},
{
"name": "60117",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
},
{
"name": "60574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60574"
},
{
"name": "59722",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59722"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "59104",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59104"
},
{
"name": "59675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59675"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "59438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21674530"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
},
{
"name": "59023",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59023"
},
{
"name": "59307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59307"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"name": "59082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59082"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703"
},
{
"name": "59250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59250"
},
{
"name": "60580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60580"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "59255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59255"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
},
{
"name": "60111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60111"
},
{
"name": "60003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
},
{
"name": "59022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59022"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750"
},
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "59324",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59324"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610"
},
{
"name": "59733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59733"
},
{
"name": "61050",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61050"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "61264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61264"
},
{
"name": "59194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59194"
},
{
"name": "60498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60498"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
},
{
"name": "59436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59436"
},
{
"name": "59653",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59653"
},
{
"name": "59071",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59071"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "66914",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66914"
},
{
"name": "60117",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
},
{
"name": "60574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60574"
},
{
"name": "59722",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59722"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "59104",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59104"
},
{
"name": "59675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59675"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "59438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21674530"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
},
{
"name": "59023",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59023"
},
{
"name": "59307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59307"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"name": "59082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59082"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703"
},
{
"name": "59250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59250"
},
{
"name": "60580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60580"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "59255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59255"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
},
{
"name": "60111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60111"
},
{
"name": "60003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-0453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
},
{
"name": "59022",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59022"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750"
},
{
"name": "USN-2187-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "59324",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59324"
},
{
"name": "USN-2191-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610"
},
{
"name": "59733",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59733"
},
{
"name": "61050",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61050"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"name": "HPSBUX03091",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681047"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675945"
},
{
"name": "RHSA-2014:0413",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "SSRT101667",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "61264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61264"
},
{
"name": "59194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59194"
},
{
"name": "60498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60498"
},
{
"name": "RHSA-2014:0685",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
},
{
"name": "59436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59436"
},
{
"name": "59653",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59653"
},
{
"name": "59071",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59071"
},
{
"name": "DSA-2912",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "66914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66914"
},
{
"name": "60117",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60117"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
},
{
"name": "60574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60574"
},
{
"name": "59722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59722"
},
{
"name": "58415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58415"
},
{
"name": "59104",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59104"
},
{
"name": "59675",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59675"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "59438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59438"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21674530",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21674530"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21677387",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
},
{
"name": "59023",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59023"
},
{
"name": "59307",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59307"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21675343",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"name": "59082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59082"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703"
},
{
"name": "59250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59250"
},
{
"name": "60580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60580"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "59255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59255"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
},
{
"name": "60111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60111"
},
{
"name": "60003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60003"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21675588",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-0453",
"datePublished": "2014-04-16T01:00:00",
"dateReserved": "2013-12-12T00:00:00",
"dateUpdated": "2024-08-06T09:13:10.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0410 (GCVE-0-2015-0410)
Vulnerability from cvelistv5
Published
2015-01-21 18:00
Modified
2024-08-06 04:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2015:0503",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"name": "DSA-3144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "RHSA-2015:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html"
},
{
"name": "RHSA-2015:0079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "USN-2487-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"name": "oracle-cpujan2015-cve20150410(100151)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100151"
},
{
"name": "RHSA-2015:0085",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"name": "72165",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72165"
},
{
"name": "RHSA-2015:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "SUSE-SU-2015:0336",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474"
},
{
"name": "RHSA-2015:0068",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "USN-2486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "GLSA-201507-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101951",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "HPSBUX03281",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"name": "SSRT101968",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"name": "openSUSE-SU-2015:0190",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "HPSBUX03273",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "1031580",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031580"
},
{
"name": "DSA-3147",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3147"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2015:0503",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"name": "DSA-3144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "RHSA-2015:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html"
},
{
"name": "RHSA-2015:0079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "USN-2487-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"name": "oracle-cpujan2015-cve20150410(100151)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100151"
},
{
"name": "RHSA-2015:0085",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"name": "72165",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72165"
},
{
"name": "RHSA-2015:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "SUSE-SU-2015:0336",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474"
},
{
"name": "RHSA-2015:0068",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "USN-2486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "GLSA-201507-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101951",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "HPSBUX03281",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"name": "SSRT101968",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"name": "openSUSE-SU-2015:0190",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "HPSBUX03273",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "1031580",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031580"
},
{
"name": "DSA-3147",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3147"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0410",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2015:0503",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"name": "DSA-3144",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "RHSA-2015:0136",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html"
},
{
"name": "RHSA-2015:0079",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "USN-2487-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"name": "oracle-cpujan2015-cve20150410(100151)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100151"
},
{
"name": "RHSA-2015:0085",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"name": "72165",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72165"
},
{
"name": "RHSA-2015:0086",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "SUSE-SU-2015:0336",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"name": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474",
"refsource": "CONFIRM",
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474"
},
{
"name": "RHSA-2015:0068",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"name": "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "USN-2486-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "GLSA-201507-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101951",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "HPSBUX03281",
"refsource": "HP",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"name": "SSRT101968",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"name": "openSUSE-SU-2015:0190",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "HPSBUX03273",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "1031580",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031580"
},
{
"name": "DSA-3147",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3147"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0410",
"datePublished": "2015-01-21T18:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2421 (GCVE-0-2014-2421)
Vulnerability from cvelistv5
Published
2014-04-16 02:05
Modified
2024-08-06 10:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59058"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "66881",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66881"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59058"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "66881",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66881"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-2421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2187-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "HPSBUX03091",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59058"
},
{
"name": "SSRT101667",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "66881",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66881"
},
{
"name": "DSA-2912",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-2421",
"datePublished": "2014-04-16T02:05:00",
"dateReserved": "2014-03-13T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5797 (GCVE-0-2013-5797)
Vulnerability from cvelistv5
Published
2013-10-16 17:31
Modified
2024-08-06 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:31.005Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "63095",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63095"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "oval:org.mitre.oval:def:18956",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18956"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018720"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "63095",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63095"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "oval:org.mitre.oval:def:18956",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18956"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018720"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5797",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "63095",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63095"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "oval:org.mitre.oval:def:18956",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18956"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1018720",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018720"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5797",
"datePublished": "2013-10-16T17:31:00",
"dateReserved": "2013-09-18T00:00:00",
"dateUpdated": "2024-08-06T17:22:31.005Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10108 (GCVE-0-2017-10108)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 19:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u151 Version: 7u141 Version: 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "99846",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99846"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:36:50.295752Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:03:24.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u151"
},
{
"status": "affected",
"version": "7u141"
},
{
"status": "affected",
"version": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "99846",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99846"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u151"
},
{
"version_affected": "=",
"version_value": "7u141"
},
{
"version_affected": "=",
"version_value": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170720-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-002",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "99846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99846"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10108",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T19:03:24.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2815 (GCVE-0-2018-2815)
Vulnerability from cvelistv5
Published
2018-04-19 02:00
Modified
2025-05-06 14:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u181 Version: 7u171 Version: 8u162 Version: 10; Java SE Embedded: 8u161; JRockit: R28.3.17 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:44.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "103848",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103848"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-2815",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:32.151263Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T14:59:02.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u181"
},
{
"status": "affected",
"version": "7u171"
},
{
"status": "affected",
"version": "8u162"
},
{
"status": "affected",
"version": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
],
"datePublic": "2018-03-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-20T00:06:05.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "103848",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103848"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u181"
},
{
"version_affected": "=",
"version_value": "7u171"
},
{
"version_affected": "=",
"version_value": "8u162"
},
{
"version_affected": "=",
"version_value": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1278",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1203",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "103848",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103848"
},
{
"name": "USN-3644-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "USN-3691-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2815",
"datePublished": "2018-04-19T02:00:00.000Z",
"dateReserved": "2017-12-15T00:00:00.000Z",
"dateUpdated": "2025-05-06T14:59:02.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10109 (GCVE-0-2017-10109)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 19:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u151 Version: 7u141 Version: 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "99847",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99847"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10109",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:36:49.347638Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:03:14.843Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u151"
},
{
"status": "affected",
"version": "7u141"
},
{
"status": "affected",
"version": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "99847",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99847"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u151"
},
{
"version_affected": "=",
"version_value": "7u141"
},
{
"version_affected": "=",
"version_value": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170720-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "RHSA-2017:2424",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "99847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99847"
},
{
"name": "1038931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10109",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T19:03:14.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6593 (GCVE-0-2014-6593)
Vulnerability from cvelistv5
Published
2015-01-21 15:00
Modified
2024-08-06 12:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:24.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2015:0503",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"name": "DSA-3144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "RHSA-2015:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html"
},
{
"name": "RHSA-2015:0079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"name": "38641",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/38641/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"name": "72169",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72169"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "USN-2487-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134251/Java-Secure-Socket-Extension-JSSE-SKIP-TLS.html"
},
{
"name": "RHSA-2015:0085",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"name": "RHSA-2015:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:0336",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474"
},
{
"name": "RHSA-2015:0068",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"name": "USN-2486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "GLSA-201507-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101951",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "HPSBUX03281",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"name": "SSRT101968",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"name": "openSUSE-SU-2015:0190",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "HPSBUX03273",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "1031580",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031580"
},
{
"name": "DSA-3147",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3147"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2015:0503",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"name": "DSA-3144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "RHSA-2015:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html"
},
{
"name": "RHSA-2015:0079",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"name": "38641",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/38641/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"name": "72169",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72169"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "USN-2487-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134251/Java-Secure-Socket-Extension-JSSE-SKIP-TLS.html"
},
{
"name": "RHSA-2015:0085",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"name": "RHSA-2015:0086",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:0336",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474"
},
{
"name": "RHSA-2015:0068",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"name": "USN-2486-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "GLSA-201507-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101951",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "HPSBUX03281",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"name": "SSRT101968",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"name": "openSUSE-SU-2015:0190",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "HPSBUX03273",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "1031580",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031580"
},
{
"name": "DSA-3147",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3147"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2015:0503",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
},
{
"name": "DSA-3144",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3144"
},
{
"name": "RHSA-2015:0136",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0136.html"
},
{
"name": "RHSA-2015:0079",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0079.html"
},
{
"name": "38641",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38641/"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html"
},
{
"name": "72169",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72169"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "USN-2487-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2487-1"
},
{
"name": "http://packetstormsecurity.com/files/134251/Java-Secure-Socket-Extension-JSSE-SKIP-TLS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134251/Java-Secure-Socket-Extension-JSSE-SKIP-TLS.html"
},
{
"name": "RHSA-2015:0085",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0085.html"
},
{
"name": "RHSA-2015:0086",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0086.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:0336",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
},
{
"name": "RHSA-2015:0080",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0080.html"
},
{
"name": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474",
"refsource": "CONFIRM",
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474"
},
{
"name": "RHSA-2015:0068",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0068.html"
},
{
"name": "USN-2486-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2486-1"
},
{
"name": "GLSA-201507-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201507-14"
},
{
"name": "SSRT101951",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "HPSBUX03281",
"refsource": "HP",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10104"
},
{
"name": "SSRT101968",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
},
{
"name": "openSUSE-SU-2015:0190",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
},
{
"name": "HPSBUX03273",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
},
{
"name": "1031580",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031580"
},
{
"name": "DSA-3147",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3147"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-6593",
"datePublished": "2015-01-21T15:00:00",
"dateReserved": "2014-09-17T00:00:00",
"dateUpdated": "2024-08-06T12:17:24.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0695 (GCVE-0-2016-0695)
Vulnerability from cvelistv5
Published
2016-04-21 10:00
Modified
2024-10-15 19:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:30:03.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"name": "RHSA-2016:0677",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"name": "USN-2972-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "openSUSE-SU-2016:1235",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"name": "openSUSE-SU-2016:1262",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"name": "RHSA-2016:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"name": "RHSA-2016:0723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"name": "RHSA-2016:0651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"name": "SUSE-SU-2016:1248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"name": "86438",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/86438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"name": "USN-2964-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"name": "openSUSE-SU-2016:1230",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"name": "GLSA-201606-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"name": "1035596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035596"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1265",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"name": "USN-2963-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"name": "RHSA-2016:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"name": "SUSE-SU-2016:1250",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"name": "RHSA-2016:0679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"name": "DSA-3558",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"name": "RHSA-2016:0678",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"name": "RHSA-2016:0650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-0695",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T18:58:14.297955Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:08:50.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-09T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "openSUSE-SU-2016:1222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"name": "RHSA-2016:0677",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"name": "USN-2972-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "openSUSE-SU-2016:1235",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"name": "openSUSE-SU-2016:1262",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"name": "RHSA-2016:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"name": "RHSA-2016:0723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"name": "RHSA-2016:0651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"name": "SUSE-SU-2016:1248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"name": "86438",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/86438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"name": "USN-2964-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"name": "openSUSE-SU-2016:1230",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"name": "GLSA-201606-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"name": "1035596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035596"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1265",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"name": "USN-2963-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"name": "RHSA-2016:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"name": "SUSE-SU-2016:1250",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"name": "RHSA-2016:0679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"name": "DSA-3558",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"name": "RHSA-2016:0678",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"name": "RHSA-2016:0650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0695",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"name": "RHSA-2016:0677",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"name": "USN-2972-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "openSUSE-SU-2016:1235",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"name": "openSUSE-SU-2016:1262",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"name": "RHSA-2016:0676",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20160420-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"name": "RHSA-2016:0723",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"name": "RHSA-2016:0651",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"name": "SUSE-SU-2016:1248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"name": "86438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/86438"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"name": "USN-2964-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"name": "openSUSE-SU-2016:1230",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"name": "GLSA-201606-18",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"name": "1035596",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035596"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1265",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"name": "USN-2963-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"name": "RHSA-2016:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"name": "SUSE-SU-2016:1250",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"name": "RHSA-2016:0679",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"name": "DSA-3558",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"name": "RHSA-2016:0678",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"name": "RHSA-2016:0650",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-0695",
"datePublished": "2016-04-21T10:00:00",
"dateReserved": "2015-12-09T00:00:00",
"dateUpdated": "2024-10-15T19:08:50.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2588 (GCVE-0-2018-2588)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161 Version: 8u152 Version: 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "102661",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102661"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:23:04.885301Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:44:11.023Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161"
},
{
"status": "affected",
"version": "8u152"
},
{
"status": "affected",
"version": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "102661",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102661"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2588",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161"
},
{
"version_affected": "=",
"version_value": "8u152"
},
{
"version_affected": "=",
"version_value": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:0351",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "102661",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102661"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2588",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:44:11.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0457 (GCVE-0-2014-0457)
Vulnerability from cvelistv5
Published
2014-04-16 01:00
Modified
2024-08-06 09:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:10.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59058"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "58974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58974"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "66866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66866"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59058"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "58974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58974"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "66866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66866"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-0457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2187-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21675973",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59058"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "58974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58974"
},
{
"name": "DSA-2912",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "66866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66866"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-0457",
"datePublished": "2014-04-16T01:00:00",
"dateReserved": "2013-12-12T00:00:00",
"dateUpdated": "2024-08-06T09:13:10.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3253 (GCVE-0-2017-3253)
Vulnerability from cvelistv5
Published
2017-01-27 22:01
Modified
2024-10-09 19:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:23:32.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "95498",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95498"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3253",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T19:25:30.951033Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T19:44:22.269Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java SE",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "6u131"
},
{
"status": "affected",
"version": "7u121"
},
{
"status": "affected",
"version": "8u112"
}
]
},
{
"product": "Java SE Embedded",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "8u111"
}
]
},
{
"product": "JRockit",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "R28.3.12"
}
]
}
],
"datePublic": "2017-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "95498",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95498"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java SE",
"version": {
"version_data": [
{
"version_value": "6u131"
},
{
"version_value": "7u121"
},
{
"version_value": "8u112"
}
]
}
},
{
"product_name": "Java SE Embedded",
"version": {
"version_data": [
{
"version_value": "8u111"
}
]
}
},
{
"product_name": "JRockit",
"version": {
"version_data": [
{
"version_value": "R28.3.12"
}
]
}
}
]
},
"vendor_name": "Oracle"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0338",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "95498",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95498"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3253",
"datePublished": "2017-01-27T22:01:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-10-09T19:44:22.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5782 (GCVE-0-2013-5782)
Vulnerability from cvelistv5
Published
2013-10-16 15:00
Modified
2024-08-06 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:30.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "oval:org.mitre.oval:def:18645",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18645"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "63103",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63103"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "oval:org.mitre.oval:def:18645",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18645"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "63103",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63103"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5782",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "oval:org.mitre.oval:def:18645",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18645"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "63103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63103"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5782",
"datePublished": "2013-10-16T15:00:00",
"dateReserved": "2013-09-18T00:00:00",
"dateUpdated": "2024-08-06T17:22:30.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4893 (GCVE-0-2015-4893)
Vulnerability from cvelistv5
Published
2015-10-21 23:00
Modified
2024-08-06 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:25:22.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "openSUSE-SU-2015:1906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:2507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"name": "RHSA-2015:1928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2015:2506",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"name": "RHSA-2015:2509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"name": "1033884",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "77207",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77207"
},
{
"name": "openSUSE-SU-2015:1971",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "RHSA-2015:1921",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "RHSA-2015:2508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-22T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "openSUSE-SU-2015:1906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:2507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"name": "RHSA-2015:1928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2015:2506",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"name": "RHSA-2015:2509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"name": "1033884",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "77207",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77207"
},
{
"name": "openSUSE-SU-2015:1971",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "RHSA-2015:1921",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "RHSA-2015:2508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4893",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2015:2182",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "openSUSE-SU-2015:1906",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:2507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"name": "RHSA-2015:1928",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "RHSA-2016:1430",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2015:2506",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"name": "RHSA-2015:2509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"name": "1033884",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "77207",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77207"
},
{
"name": "openSUSE-SU-2015:1971",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "RHSA-2015:1921",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "RHSA-2015:2508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-4893",
"datePublished": "2015-10-21T23:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:25:22.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10116 (GCVE-0-2017-10116)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 19:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u151 Version: 7u141 Version: 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:15.968Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "99734",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99734"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10116",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:39:25.933782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:02:23.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u151"
},
{
"status": "affected",
"version": "7u141"
},
{
"status": "affected",
"version": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "99734",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99734"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10116",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u151"
},
{
"version_affected": "=",
"version_value": "7u141"
},
{
"version_affected": "=",
"version_value": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170720-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-002",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "99734",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99734"
},
{
"name": "1038931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10116",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T19:02:23.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5803 (GCVE-0-2013-5803)
Vulnerability from cvelistv5
Published
2013-10-16 17:31
Modified
2024-08-06 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:30.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "63082",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63082"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018713"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "oval:org.mitre.oval:def:18874",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18874"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "63082",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63082"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018713"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "oval:org.mitre.oval:def:18874",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18874"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "63082",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63082"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1018713",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018713"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "oval:org.mitre.oval:def:18874",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18874"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5803",
"datePublished": "2013-10-16T17:31:00",
"dateReserved": "2013-09-18T00:00:00",
"dateUpdated": "2024-08-06T17:22:30.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3511 (GCVE-0-2017-3511)
Vulnerability from cvelistv5
Published
2017-04-24 19:00
Modified
2024-10-04 19:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 7u131 Version: 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:30:57.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "GLSA-201705-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "RHSA-2017:1220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:1117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "97731",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97731"
},
{
"name": "RHSA-2017:1109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"name": "1038286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "RHSA-2017:1118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T16:22:50.395616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:25:50.373Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 7u131"
},
{
"status": "affected",
"version": "8u121; Java SE Embedded: 8u121; JRockit: R28.3.13"
}
]
}
],
"datePublic": "2017-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "GLSA-201705-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "RHSA-2017:1220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:1117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "97731",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97731"
},
{
"name": "RHSA-2017:1109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"name": "1038286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "RHSA-2017:1118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 7u131"
},
{
"version_affected": "=",
"version_value": "8u121; Java SE Embedded: 8u121; JRockit: R28.3.13"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1221",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "GLSA-201705-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "RHSA-2017:1220",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "RHSA-2017:1117",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "97731",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97731"
},
{
"name": "RHSA-2017:1109",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"name": "1038286",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "RHSA-2017:1118",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3511",
"datePublished": "2017-04-24T19:00:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-10-04T19:25:50.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3526 (GCVE-0-2017-3526)
Vulnerability from cvelistv5
Published
2017-04-24 19:00
Modified
2024-10-07 16:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u141 Version: 7u131 Version: 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:30:57.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201705-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "RHSA-2017:1117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "RHSA-2017:1109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"name": "1038286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "97733",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97733"
},
{
"name": "RHSA-2017:1118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:1119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3526",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T15:45:07.168907Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T16:13:25.854Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u141"
},
{
"status": "affected",
"version": "7u131"
},
{
"status": "affected",
"version": "8u121; Java SE Embedded: 8u121; JRockit: R28.3.13"
}
]
}
],
"datePublic": "2017-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "GLSA-201705-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "RHSA-2017:1117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "RHSA-2017:1109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"name": "1038286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "97733",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97733"
},
{
"name": "RHSA-2017:1118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:1119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u141"
},
{
"version_affected": "=",
"version_value": "7u131"
},
{
"version_affected": "=",
"version_value": "8u121; Java SE Embedded: 8u121; JRockit: R28.3.13"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201705-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "RHSA-2017:1117",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "RHSA-2017:1109",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"name": "1038286",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "97733",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97733"
},
{
"name": "RHSA-2017:1118",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:1119",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3526",
"datePublished": "2017-04-24T19:00:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-10-07T16:13:25.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10345 (GCVE-0-2017-10345)
Vulnerability from cvelistv5
Published
2017-10-19 17:00
Modified
2024-10-04 16:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u161 Version: 7u151 Version: 8u144 Version: 9; Java SE Embedded: 8u144; JRockit: R28.3.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:41:54.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101396",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101396"
},
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "RHSA-2017:3264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10345",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:43:36.658497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T16:49:38.245Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u161"
},
{
"status": "affected",
"version": "7u151"
},
{
"status": "affected",
"version": "8u144"
},
{
"status": "affected",
"version": "9; Java SE Embedded: 8u144; JRockit: R28.3.15"
}
]
}
],
"datePublic": "2017-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "101396",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101396"
},
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "RHSA-2017:3264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10345",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u161"
},
{
"version_affected": "=",
"version_value": "7u151"
},
{
"version_affected": "=",
"version_value": "8u144"
},
{
"version_affected": "=",
"version_value": "9; Java SE Embedded: 8u144; JRockit: R28.3.15"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101396"
},
{
"name": "RHSA-2017:3047",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "RHSA-2017:3264",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171019-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10345",
"datePublished": "2017-10-19T17:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T16:49:38.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5780 (GCVE-0-2013-5780)
Vulnerability from cvelistv5
Published
2013-10-16 15:00
Modified
2024-08-06 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:30.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1018785"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:19101",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19101"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "63115",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63115"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1018785"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:19101",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19101"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "63115",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63115"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5780",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1018785",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1018785"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:19101",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19101"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "63115",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63115"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5780",
"datePublished": "2013-10-16T15:00:00",
"dateReserved": "2013-09-18T00:00:00",
"dateUpdated": "2024-08-06T17:22:30.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6512 (GCVE-0-2014-6512)
Vulnerability from cvelistv5
Published
2014-10-15 22:03
Modified
2024-08-06 12:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:24.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "RHSA-2014:1877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "61609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61609"
},
{
"name": "70567",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70567"
},
{
"name": "61928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61163"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "USN-2386-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "RHSA-2014:1881",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "61629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61629"
},
{
"name": "SUSE-SU-2014:1549",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "61018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61018"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61346"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"name": "RHSA-2014:1634",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "DSA-3080",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SUSE-SU-2014:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "60416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1882",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2014:1633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61164"
},
{
"name": "SSRT101770",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "61020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61143"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "60417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "60414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "RHSA-2014:1877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "61609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61609"
},
{
"name": "70567",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70567"
},
{
"name": "61928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61163"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "USN-2386-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "RHSA-2014:1881",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "61629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61629"
},
{
"name": "SUSE-SU-2014:1549",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "61018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61018"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61346"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"name": "RHSA-2014:1634",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "DSA-3080",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SUSE-SU-2014:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "60416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1882",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2014:1633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61164"
},
{
"name": "SSRT101770",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "61020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61143"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "60417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60414",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1880",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1657",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "RHSA-2014:1877",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "61609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61609"
},
{
"name": "70567",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70567"
},
{
"name": "61928",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61163"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "USN-2386-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1633.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "RHSA-2014:1881",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "61629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61629"
},
{
"name": "SUSE-SU-2014:1549",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "61018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61018"
},
{
"name": "SUSE-SU-2015:0376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1634.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61346"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"name": "RHSA-2014:1634",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "DSA-3080",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "SUSE-SU-2015:0392",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SUSE-SU-2014:1526",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "60416",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1882",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2014:1633",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61164"
},
{
"name": "SSRT101770",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1636",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "61020",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61143"
},
{
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "60417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-6512",
"datePublished": "2014-10-15T22:03:00",
"dateReserved": "2014-09-17T00:00:00",
"dateUpdated": "2024-08-06T12:17:24.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6517 (GCVE-0-2014-6517)
Vulnerability from cvelistv5
Published
2014-10-15 22:03
Modified
2024-08-06 12:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:24.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "61609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61609"
},
{
"name": "61928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61163"
},
{
"name": "USN-2386-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "61629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61629"
},
{
"name": "61018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61018"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61346"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"name": "RHSA-2014:1634",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "70552",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70552"
},
{
"name": "DSA-3080",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "60416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61164"
},
{
"name": "SSRT101770",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "61020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61143"
},
{
"name": "60417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "60414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "61609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61609"
},
{
"name": "61928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61163"
},
{
"name": "USN-2386-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "61629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61629"
},
{
"name": "61018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61018"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61346"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"name": "RHSA-2014:1634",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "70552",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70552"
},
{
"name": "DSA-3080",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "60416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61164"
},
{
"name": "SSRT101770",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "61020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61143"
},
{
"name": "60417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60414",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1657",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "61609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61609"
},
{
"name": "61928",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61163"
},
{
"name": "USN-2386-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1633.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "61629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61629"
},
{
"name": "61018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61018"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1634.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61346"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"name": "RHSA-2014:1634",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "70552",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70552"
},
{
"name": "DSA-3080",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "60416",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1633",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61164"
},
{
"name": "SSRT101770",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1636",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "61020",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61143"
},
{
"name": "60417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-6517",
"datePublished": "2014-10-15T22:03:00",
"dateReserved": "2014-09-17T00:00:00",
"dateUpdated": "2024-08-06T12:17:24.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3425 (GCVE-0-2016-3425)
Vulnerability from cvelistv5
Published
2016-04-21 10:00
Modified
2024-10-15 19:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:56:13.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"name": "RHSA-2016:0677",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"name": "USN-2972-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"name": "openSUSE-SU-2016:1235",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"name": "openSUSE-SU-2016:1262",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"name": "RHSA-2016:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"name": "RHSA-2016:0723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"name": "RHSA-2016:0651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"name": "SUSE-SU-2016:1248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"name": "USN-2964-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"name": "openSUSE-SU-2016:1230",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"name": "GLSA-201606-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"name": "1035596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035596"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1265",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"name": "USN-2963-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"name": "RHSA-2016:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"name": "SUSE-SU-2016:1250",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"name": "RHSA-2016:0679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"name": "86434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/86434"
},
{
"name": "DSA-3558",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"name": "RHSA-2016:0678",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"name": "RHSA-2016:0650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-3425",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T18:57:55.738443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T19:06:56.417Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-09T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "openSUSE-SU-2016:1222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"name": "RHSA-2016:0677",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"name": "USN-2972-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"name": "openSUSE-SU-2016:1235",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"name": "openSUSE-SU-2016:1262",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"name": "RHSA-2016:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"name": "RHSA-2016:0723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"name": "RHSA-2016:0651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"name": "SUSE-SU-2016:1248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"name": "USN-2964-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"name": "openSUSE-SU-2016:1230",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"name": "GLSA-201606-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"name": "1035596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035596"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1265",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"name": "USN-2963-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"name": "RHSA-2016:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"name": "SUSE-SU-2016:1250",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"name": "RHSA-2016:0679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"name": "86434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/86434"
},
{
"name": "DSA-3558",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"name": "RHSA-2016:0678",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"name": "RHSA-2016:0650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"name": "RHSA-2016:0677",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"name": "USN-2972-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"name": "openSUSE-SU-2016:1235",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"name": "openSUSE-SU-2016:1262",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"name": "RHSA-2016:0676",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20160420-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"name": "RHSA-2016:0723",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"name": "RHSA-2016:0651",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"name": "SUSE-SU-2016:1248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"name": "USN-2964-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"name": "openSUSE-SU-2016:1230",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"name": "GLSA-201606-18",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"name": "1035596",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035596"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1265",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"name": "USN-2963-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"name": "RHSA-2016:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"name": "SUSE-SU-2016:1250",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"name": "RHSA-2016:0679",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"name": "86434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/86434"
},
{
"name": "DSA-3558",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"name": "RHSA-2016:0678",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"name": "RHSA-2016:0650",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-3425",
"datePublished": "2016-04-21T10:00:00",
"dateReserved": "2016-03-17T00:00:00",
"dateUpdated": "2024-10-15T19:06:56.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10118 (GCVE-0-2017-10118)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 19:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 7u141 Version: 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "99782",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99782"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10118",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:36:46.566924Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:02:07.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 7u141"
},
{
"status": "affected",
"version": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "99782",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99782"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10118",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 7u141"
},
{
"version_affected": "=",
"version_value": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170720-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-002",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "1038931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "GLSA-201709-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "99782",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99782"
},
{
"name": "DSA-3919",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10118",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T19:02:07.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3556 (GCVE-0-2011-3556)
Vulnerability from cvelistv5
Published
2011-10-19 21:00
Modified
2024-08-06 23:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:48.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "76505",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/76505"
},
{
"name": "50231",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50231"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "48692",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48692"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SSRT100805",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "HPSBUX02730",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "jre-rmi-unspecified(70837)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70837"
},
{
"name": "SUSE-SU-2012:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "oval:org.mitre.oval:def:14316",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14316"
},
{
"name": "SSRT100710",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
},
{
"name": "RHSA-2011:1384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "49198",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49198"
},
{
"name": "RHSA-2012:0006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"name": "SUSE-SU-2012:0122",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"name": "HPSBUX02777",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "HPSBUX02760",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "SSRT100854",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "1026215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "HPSBMU02797",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"name": "VU#597809",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/597809"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-12T12:06:28",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "76505",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/76505"
},
{
"name": "50231",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50231"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "48692",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48692"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SSRT100805",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "HPSBUX02730",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "jre-rmi-unspecified(70837)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70837"
},
{
"name": "SUSE-SU-2012:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "oval:org.mitre.oval:def:14316",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14316"
},
{
"name": "SSRT100710",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
},
{
"name": "RHSA-2011:1384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "49198",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49198"
},
{
"name": "RHSA-2012:0006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"name": "SUSE-SU-2012:0122",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"name": "HPSBUX02777",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "HPSBUX02760",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "SSRT100854",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "1026215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "HPSBMU02797",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"name": "VU#597809",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/597809"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2011-3556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "76505",
"refsource": "OSVDB",
"url": "http://osvdb.org/76505"
},
{
"name": "50231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50231"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "48692",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48692"
},
{
"name": "HPSBMU02799",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SSRT100805",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "48308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48308"
},
{
"name": "HPSBUX02730",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "jre-rmi-unspecified(70837)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70837"
},
{
"name": "SUSE-SU-2012:0114",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "oval:org.mitre.oval:def:14316",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14316"
},
{
"name": "SSRT100710",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1478",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
},
{
"name": "RHSA-2011:1384",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "49198",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49198"
},
{
"name": "RHSA-2012:0006",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"name": "SUSE-SU-2012:0122",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"name": "HPSBUX02777",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "HPSBUX02760",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "SSRT100854",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "1026215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "HPSBMU02797",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"name": "VU#597809",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/597809"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2011-3556",
"datePublished": "2011-10-19T21:00:00",
"dateReserved": "2011-09-16T00:00:00",
"dateUpdated": "2024-08-06T23:37:48.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10053 (GCVE-0-2017-10053)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 19:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u151 Version: 7u141 Version: 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:25:00.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99842",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99842"
},
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10053",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:36:58.301283Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:09:18.724Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u151"
},
{
"status": "affected",
"version": "7u141"
},
{
"status": "affected",
"version": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "99842",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99842"
},
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u151"
},
{
"version_affected": "=",
"version_value": "7u141"
},
{
"version_affected": "=",
"version_value": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99842",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99842"
},
{
"name": "RHSA-2017:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170720-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-002",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "RHSA-2017:2481",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2481"
},
{
"name": "RHSA-2017:2530",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2530"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:2469",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2469"
},
{
"name": "DSA-3954",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10053",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T19:09:18.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3427 (GCVE-0-2016-3427)
Vulnerability from cvelistv5
Published
2016-04-21 10:00
Modified
2025-07-30 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:56:14.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"name": "RHSA-2016:0677",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"name": "SUSE-SU-2016:1299",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html"
},
{
"name": "RHSA-2016:1039",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html"
},
{
"name": "RHSA-2016:0701",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html"
},
{
"name": "USN-2972-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "SUSE-SU-2016:1303",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html"
},
{
"name": "1037331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037331"
},
{
"name": "SUSE-SU-2016:1475",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html"
},
{
"name": "openSUSE-SU-2016:1235",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"name": "openSUSE-SU-2016:1262",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"name": "SUSE-SU-2016:1300",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html"
},
{
"name": "RHSA-2016:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"name": "RHSA-2016:0708",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html"
},
{
"name": "RHSA-2016:0723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"name": "RHSA-2016:0651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"name": "SUSE-SU-2016:1378",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html"
},
{
"name": "SUSE-SU-2016:1248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"name": "SUSE-SU-2016:1379",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"name": "USN-2964-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"name": "openSUSE-SU-2016:1230",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"name": "SUSE-SU-2016:1458",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html"
},
{
"name": "GLSA-201606-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"name": "RHSA-2016:0716",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html"
},
{
"name": "1035596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035596"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1265",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"name": "USN-2963-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"name": "RHSA-2016:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"name": "SUSE-SU-2016:1250",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"name": "SUSE-SU-2016:1388",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html"
},
{
"name": "RHSA-2016:0702",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html"
},
{
"name": "RHSA-2016:0679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "DSA-3558",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"name": "RHSA-2016:0678",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"name": "86421",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/86421"
},
{
"name": "RHSA-2016:0650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[cassandra-user] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc3abf40b06c511d5693baf707d6444bf7745e6a1e343e6f530a12258%40%3Cuser.cassandra.apache.org%3E"
},
{
"name": "[cassandra-dev] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5f48b16573a11fdf0b557cc3d1d71423ecde8ee771c29f32334fa948%40%3Cdev.cassandra.apache.org%3E"
},
{
"name": "[oss-security] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/08/31/1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2016-3427",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T15:06:35.308318Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-05-12",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-3427"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:46:38.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2023-05-12T00:00:00+00:00",
"value": "CVE-2016-3427 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-01T02:06:09.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "openSUSE-SU-2016:1222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"name": "RHSA-2016:0677",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"name": "SUSE-SU-2016:1299",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html"
},
{
"name": "RHSA-2016:1039",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html"
},
{
"name": "RHSA-2016:0701",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html"
},
{
"name": "USN-2972-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "SUSE-SU-2016:1303",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html"
},
{
"name": "1037331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037331"
},
{
"name": "SUSE-SU-2016:1475",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html"
},
{
"name": "openSUSE-SU-2016:1235",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"name": "openSUSE-SU-2016:1262",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"name": "SUSE-SU-2016:1300",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html"
},
{
"name": "RHSA-2016:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"name": "RHSA-2016:0708",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html"
},
{
"name": "RHSA-2016:0723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"name": "RHSA-2016:0651",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"name": "SUSE-SU-2016:1378",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html"
},
{
"name": "SUSE-SU-2016:1248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"name": "SUSE-SU-2016:1379",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"name": "USN-2964-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"name": "openSUSE-SU-2016:1230",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"name": "SUSE-SU-2016:1458",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html"
},
{
"name": "GLSA-201606-18",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"name": "RHSA-2016:0716",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html"
},
{
"name": "1035596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035596"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1265",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"name": "USN-2963-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"name": "RHSA-2016:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"name": "SUSE-SU-2016:1250",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"name": "SUSE-SU-2016:1388",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html"
},
{
"name": "RHSA-2016:0702",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html"
},
{
"name": "RHSA-2016:0679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "DSA-3558",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"name": "RHSA-2016:0678",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"name": "86421",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/86421"
},
{
"name": "RHSA-2016:0650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[cassandra-user] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc3abf40b06c511d5693baf707d6444bf7745e6a1e343e6f530a12258%40%3Cuser.cassandra.apache.org%3E"
},
{
"name": "[cassandra-dev] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5f48b16573a11fdf0b557cc3d1d71423ecde8ee771c29f32334fa948%40%3Cdev.cassandra.apache.org%3E"
},
{
"name": "[oss-security] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/08/31/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
},
{
"name": "RHSA-2016:0677",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
},
{
"name": "SUSE-SU-2016:1299",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html"
},
{
"name": "RHSA-2016:1039",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html"
},
{
"name": "RHSA-2016:0701",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html"
},
{
"name": "USN-2972-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2972-1"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "SUSE-SU-2016:1303",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html"
},
{
"name": "1037331",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037331"
},
{
"name": "SUSE-SU-2016:1475",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html"
},
{
"name": "openSUSE-SU-2016:1235",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
},
{
"name": "openSUSE-SU-2016:1262",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
},
{
"name": "SUSE-SU-2016:1300",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html"
},
{
"name": "RHSA-2016:0676",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
},
{
"name": "RHSA-2016:1430",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "https://security.netapp.com/advisory/ntap-20160420-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
},
{
"name": "RHSA-2016:0708",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html"
},
{
"name": "RHSA-2016:0723",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
},
{
"name": "RHSA-2016:0651",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
},
{
"name": "SUSE-SU-2016:1378",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html"
},
{
"name": "SUSE-SU-2016:1248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
},
{
"name": "SUSE-SU-2016:1379",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10159"
},
{
"name": "USN-2964-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2964-1"
},
{
"name": "openSUSE-SU-2016:1230",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
},
{
"name": "SUSE-SU-2016:1458",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html"
},
{
"name": "GLSA-201606-18",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-18"
},
{
"name": "RHSA-2016:0716",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html"
},
{
"name": "1035596",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035596"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1265",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
},
{
"name": "USN-2963-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2963-1"
},
{
"name": "RHSA-2016:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
},
{
"name": "SUSE-SU-2016:1250",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
},
{
"name": "SUSE-SU-2016:1388",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html"
},
{
"name": "RHSA-2016:0702",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html"
},
{
"name": "RHSA-2016:0679",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"name": "RHSA-2017:1216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "DSA-3558",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"name": "RHSA-2016:0678",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"name": "86421",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/86421"
},
{
"name": "RHSA-2016:0650",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"
},
{
"name": "[cassandra-user] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc3abf40b06c511d5693baf707d6444bf7745e6a1e343e6f530a12258@%3Cuser.cassandra.apache.org%3E"
},
{
"name": "[cassandra-dev] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5f48b16573a11fdf0b557cc3d1d71423ecde8ee771c29f32334fa948@%3Cdev.cassandra.apache.org%3E"
},
{
"name": "[oss-security] 20200831 CVE-2016-3427 Apache Cassandra Unspecified vulnerability related to JMX",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/08/31/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-3427",
"datePublished": "2016-04-21T10:00:00.000Z",
"dateReserved": "2016-03-17T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:46:38.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10295 (GCVE-0-2017-10295)
Vulnerability from cvelistv5
Published
2017-10-19 17:00
Modified
2024-10-04 16:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.0 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u161 Version: 7u151 Version: 8u144 Version: 9; Java SE Embedded: 8u144; JRockit: R28.3.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "101384",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101384"
},
{
"name": "RHSA-2017:3264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10295",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:45:32.040874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T16:54:34.588Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u161"
},
{
"status": "affected",
"version": "7u151"
},
{
"status": "affected",
"version": "8u144"
},
{
"status": "affected",
"version": "9; Java SE Embedded: 8u144; JRockit: R28.3.15"
}
]
}
],
"datePublic": "2017-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.0 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:3047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "101384",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101384"
},
{
"name": "RHSA-2017:3264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u161"
},
{
"version_affected": "=",
"version_value": "7u151"
},
{
"version_affected": "=",
"version_value": "8u144"
},
{
"version_affected": "=",
"version_value": "9; Java SE Embedded: 8u144; JRockit: R28.3.15"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.0 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:3047",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3047"
},
{
"name": "GLSA-201711-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-14"
},
{
"name": "DSA-4015",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4015"
},
{
"name": "RHSA-2017:3267",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3267"
},
{
"name": "RHSA-2017:2998",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2998"
},
{
"name": "RHSA-2017:3268",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3268"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3046",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3046"
},
{
"name": "1039596",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039596"
},
{
"name": "GLSA-201710-31",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-31"
},
{
"name": "101384",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101384"
},
{
"name": "RHSA-2017:3264",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3264"
},
{
"name": "DSA-4048",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4048"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:3392",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
},
{
"name": "[debian-lts-announce] 20171123 [SECURITY] [DLA 1187-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171019-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
},
{
"name": "RHSA-2017:2999",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10295",
"datePublished": "2017-10-19T17:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T16:54:34.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2398 (GCVE-0-2014-2398)
Vulnerability from cvelistv5
Published
2014-04-16 01:00
Modified
2024-08-06 10:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59058"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "66920",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66920"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59058"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "66920",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66920"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-2398",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2187-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "HPSBUX03091",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "RHSA-2014:0413",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59058"
},
{
"name": "SSRT101667",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "66920",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66920"
},
{
"name": "RHSA-2014:0685",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "DSA-2912",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-2398",
"datePublished": "2014-04-16T01:00:00",
"dateReserved": "2014-03-13T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3485 (GCVE-0-2016-3485)
Vulnerability from cvelistv5
Published
2016-07-21 10:00
Modified
2024-10-11 20:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:56:13.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:2261",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "GLSA-201610-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "SUSE-SU-2016:2012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"name": "openSUSE-SU-2016:2052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"name": "SUSE-SU-2016:2286",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00006.html"
},
{
"name": "openSUSE-SU-2016:2051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"name": "1036365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036365"
},
{
"name": "GLSA-201701-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "SUSE-SU-2016:1997",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"name": "openSUSE-SU-2016:2050",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"name": "openSUSE-SU-2016:1979",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "openSUSE-SU-2016:2058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-3485",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T19:49:48.343624Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T20:54:32.737Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-09T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2016:2261",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "GLSA-201610-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "SUSE-SU-2016:2012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"name": "openSUSE-SU-2016:2052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"name": "SUSE-SU-2016:2286",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00006.html"
},
{
"name": "openSUSE-SU-2016:2051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"name": "1036365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036365"
},
{
"name": "GLSA-201701-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "SUSE-SU-2016:1997",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"name": "openSUSE-SU-2016:2050",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"name": "openSUSE-SU-2016:1979",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "openSUSE-SU-2016:2058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:2261",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00005.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "GLSA-201610-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "SUSE-SU-2016:2012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"name": "openSUSE-SU-2016:2052",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20160721-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"name": "SUSE-SU-2016:2286",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00006.html"
},
{
"name": "openSUSE-SU-2016:2051",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"name": "1036365",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036365"
},
{
"name": "GLSA-201701-43",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "SUSE-SU-2016:1997",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"name": "openSUSE-SU-2016:2050",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"name": "openSUSE-SU-2016:1979",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "openSUSE-SU-2016:2058",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-3485",
"datePublished": "2016-07-21T10:00:00",
"dateReserved": "2016-03-17T00:00:00",
"dateUpdated": "2024-10-11T20:54:32.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5546 (GCVE-0-2016-5546)
Vulnerability from cvelistv5
Published
2017-01-27 22:01
Modified
2024-10-09 20:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:07:57.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "95506",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95506"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-5546",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T19:25:41.476171Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T20:04:21.505Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java SE",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "6u131"
},
{
"status": "affected",
"version": "7u121"
},
{
"status": "affected",
"version": "8u112"
}
]
},
{
"product": "Java SE Embedded",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "8u111"
}
]
},
{
"product": "JRockit",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "R28.3.12"
}
]
}
],
"datePublic": "2017-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "95506",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95506"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java SE",
"version": {
"version_data": [
{
"version_value": "6u131"
},
{
"version_value": "7u121"
},
{
"version_value": "8u112"
}
]
}
},
{
"product_name": "Java SE Embedded",
"version": {
"version_data": [
{
"version_value": "8u111"
}
]
}
},
{
"product_name": "JRockit",
"version": {
"version_data": [
{
"version_value": "R28.3.12"
}
]
}
}
]
},
"vendor_name": "Oracle"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Integrity impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0338",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "95506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95506"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-5546",
"datePublished": "2017-01-27T22:01:00",
"dateReserved": "2016-06-16T00:00:00",
"dateUpdated": "2024-10-09T20:04:21.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5804 (GCVE-0-2013-5804)
Vulnerability from cvelistv5
Published
2013-10-16 17:31
Modified
2024-08-06 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:31.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131"
},
{
"name": "63149",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63149"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"name": "oval:org.mitre.oval:def:19188",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19188"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131"
},
{
"name": "63149",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63149"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"name": "oval:org.mitre.oval:def:19188",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19188"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5804",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131"
},
{
"name": "63149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63149"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"name": "oval:org.mitre.oval:def:19188",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19188"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5804",
"datePublished": "2013-10-16T17:31:00",
"dateReserved": "2013-09-18T00:00:00",
"dateUpdated": "2024-08-06T17:22:31.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10198 (GCVE-0-2017-10198)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 17:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u151 Version: 7u141 Version: 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "99818",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99818"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "RHSA-2017:3392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:50:37.360795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T17:10:12.889Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u151"
},
{
"status": "affected",
"version": "7u141"
},
{
"status": "affected",
"version": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "99818",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99818"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "RHSA-2017:3392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u151"
},
{
"version_affected": "=",
"version_value": "7u141"
},
{
"version_affected": "=",
"version_value": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "99818",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99818"
},
{
"name": "RHSA-2017:1790",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170720-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-002",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "1038931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "RHSA-2017:1792",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "RHSA-2017:3392",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3392"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10198",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T17:10:12.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2380 (GCVE-0-2013-2380)
Vulnerability from cvelistv5
Published
2013-04-17 14:00
Modified
2024-08-06 15:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware R27.7.4 and earlier and R28.2.6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this might be a duplicate of CVE-2013-1537 and CVE-2013-2415. If so, then CVE-2013-2380 might be REJECTed in the future.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware R27.7.4 and earlier and R28.2.6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this might be a duplicate of CVE-2013-1537 and CVE-2013-2415. If so, then CVE-2013-2380 might be REJECTed in the future."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T09:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-2380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware R27.7.4 and earlier and R28.2.6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this might be a duplicate of CVE-2013-1537 and CVE-2013-2415. If so, then CVE-2013-2380 might be REJECTed in the future."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-2380",
"datePublished": "2013-04-17T14:00:00",
"dateReserved": "2013-03-05T00:00:00",
"dateUpdated": "2024-08-06T15:36:46.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0478 (GCVE-0-2015-0478)
Vulnerability from cvelistv5
Published
2015-04-16 16:00
Modified
2024-08-06 04:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:0857",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"
},
{
"name": "DSA-3235",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3235"
},
{
"name": "RHSA-2015:1007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "RHSA-2015:0806",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html"
},
{
"name": "RHSA-2015:1006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2015-0158.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"name": "SUSE-SU-2015:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"
},
{
"name": "MDVSA-2015:212",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212"
},
{
"name": "74147",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74147"
},
{
"name": "RHSA-2015:1091",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "1032120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032120"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "openSUSE-SU-2015:0773",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"
},
{
"name": "SUSE-SU-2015:1138",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "DSA-3234",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3234"
},
{
"name": "USN-2573-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2573-1"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "RHSA-2015:0807",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html"
},
{
"name": "SUSE-SU-2015:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "1035517",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035517"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "SUSE-SU-2015:1085",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:0858",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html"
},
{
"name": "RHSA-2015:1021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "RHSA-2015:0808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html"
},
{
"name": "USN-2574-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2574-1"
},
{
"name": "RHSA-2015:0809",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html"
},
{
"name": "openSUSE-SU-2015:0774",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"
},
{
"name": "SUSE-SU-2015:1161",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"name": "RHSA-2015:0854",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2015:0857",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"
},
{
"name": "DSA-3235",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3235"
},
{
"name": "RHSA-2015:1007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "RHSA-2015:0806",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html"
},
{
"name": "RHSA-2015:1006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2015-0158.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"name": "SUSE-SU-2015:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"
},
{
"name": "MDVSA-2015:212",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212"
},
{
"name": "74147",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74147"
},
{
"name": "RHSA-2015:1091",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "1032120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032120"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "openSUSE-SU-2015:0773",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"
},
{
"name": "SUSE-SU-2015:1138",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "DSA-3234",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3234"
},
{
"name": "USN-2573-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2573-1"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "RHSA-2015:0807",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html"
},
{
"name": "SUSE-SU-2015:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "1035517",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035517"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "SUSE-SU-2015:1085",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:0858",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html"
},
{
"name": "RHSA-2015:1021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "RHSA-2015:0808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html"
},
{
"name": "USN-2574-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2574-1"
},
{
"name": "RHSA-2015:0809",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html"
},
{
"name": "openSUSE-SU-2015:0774",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"
},
{
"name": "SUSE-SU-2015:1161",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"name": "RHSA-2015:0854",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:0857",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"
},
{
"name": "DSA-3235",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3235"
},
{
"name": "RHSA-2015:1007",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "SUSE-SU-2015:2182",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "RHSA-2015:0806",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html"
},
{
"name": "RHSA-2015:1006",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "SUSE-SU-2015:2192",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0158.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0158.html"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"name": "SUSE-SU-2015:0833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"
},
{
"name": "MDVSA-2015:212",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212"
},
{
"name": "74147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74147"
},
{
"name": "RHSA-2015:1091",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"name": "DSA-3316",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SUSE-SU-2015:2166",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "1032120",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032120"
},
{
"name": "GLSA-201603-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "openSUSE-SU-2015:0773",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"
},
{
"name": "SUSE-SU-2015:1138",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "DSA-3234",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3234"
},
{
"name": "USN-2573-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2573-1"
},
{
"name": "SUSE-SU-2015:2216",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1020",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "RHSA-2015:0807",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html"
},
{
"name": "SUSE-SU-2015:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "1035517",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035517"
},
{
"name": "SUSE-SU-2015:2168",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "SUSE-SU-2015:1085",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:0858",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html"
},
{
"name": "RHSA-2015:1021",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "RHSA-2015:0808",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html"
},
{
"name": "USN-2574-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2574-1"
},
{
"name": "RHSA-2015:0809",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html"
},
{
"name": "openSUSE-SU-2015:0774",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"
},
{
"name": "SUSE-SU-2015:1161",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"name": "RHSA-2015:0854",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0478",
"datePublished": "2015-04-16T16:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2794 (GCVE-0-2018-2794)
Vulnerability from cvelistv5
Published
2018-04-19 02:00
Modified
2024-10-03 20:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, JRockit.
Summary
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u181 Version: 7u171 Version: 8u162 Version: 10 Version: JRockit: R28.3.17 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:44.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "103817",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103817"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2794",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:20:44.545581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:18:19.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u181"
},
{
"status": "affected",
"version": "7u171"
},
{
"status": "affected",
"version": "8u162"
},
{
"status": "affected",
"version": "10"
},
{
"status": "affected",
"version": "JRockit: R28.3.17"
}
]
}
],
"datePublic": "2018-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-20T00:06:06",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "103817",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103817"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2794",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u181"
},
{
"version_affected": "=",
"version_value": "7u171"
},
{
"version_affected": "=",
"version_value": "8u162"
},
{
"version_affected": "=",
"version_value": "10"
},
{
"version_affected": "=",
"version_value": "JRockit: R28.3.17"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, JRockit executes to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1278",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "103817",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103817"
},
{
"name": "RHSA-2018:1202",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2794",
"datePublished": "2018-04-19T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:18:19.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2663 (GCVE-0-2018-2663)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161 Version: 8u152 Version: 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:42.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102662",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102662"
},
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2663",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:23:53.770237Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:35:27.942Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161"
},
{
"status": "affected",
"version": "8u152"
},
{
"status": "affected",
"version": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "102662",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102662"
},
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161"
},
{
"version_affected": "=",
"version_value": "8u152"
},
{
"version_affected": "=",
"version_value": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102662",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102662"
},
{
"name": "RHSA-2018:0351",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2663",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:35:27.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3508 (GCVE-0-2016-3508)
Vulnerability from cvelistv5
Published
2016-07-21 10:00
Modified
2024-10-11 20:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:56:14.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3043-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3043-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "GLSA-201610-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "91972",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91972"
},
{
"name": "SUSE-SU-2016:2012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"name": "openSUSE-SU-2016:2052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"name": "DSA-3641",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3641"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"name": "RHSA-2016:1475",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1475"
},
{
"name": "openSUSE-SU-2016:2051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"name": "1036365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036365"
},
{
"name": "GLSA-201701-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"name": "RHSA-2016:1477",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1477"
},
{
"name": "USN-3062-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3062-1"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:1476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1476"
},
{
"name": "SUSE-SU-2016:1997",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"name": "RHSA-2016:1458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1458"
},
{
"name": "openSUSE-SU-2016:2050",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"name": "openSUSE-SU-2016:1979",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "USN-3077-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3077-1"
},
{
"name": "RHSA-2016:1776",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
},
{
"name": "openSUSE-SU-2016:2058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"name": "RHSA-2016:1504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-3508",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T20:11:29.977026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T20:52:08.622Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-09T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "USN-3043-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3043-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "GLSA-201610-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "91972",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91972"
},
{
"name": "SUSE-SU-2016:2012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"name": "openSUSE-SU-2016:2052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"name": "DSA-3641",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3641"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"name": "RHSA-2016:1475",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1475"
},
{
"name": "openSUSE-SU-2016:2051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"name": "1036365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036365"
},
{
"name": "GLSA-201701-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"name": "RHSA-2016:1477",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1477"
},
{
"name": "USN-3062-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3062-1"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:1476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1476"
},
{
"name": "SUSE-SU-2016:1997",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"name": "RHSA-2016:1458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1458"
},
{
"name": "openSUSE-SU-2016:2050",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"name": "openSUSE-SU-2016:1979",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "USN-3077-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3077-1"
},
{
"name": "RHSA-2016:1776",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
},
{
"name": "openSUSE-SU-2016:2058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"name": "RHSA-2016:1504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3508",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3043-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3043-1"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "GLSA-201610-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "91972",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91972"
},
{
"name": "SUSE-SU-2016:2012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"name": "openSUSE-SU-2016:2052",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"name": "DSA-3641",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3641"
},
{
"name": "https://security.netapp.com/advisory/ntap-20160721-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"name": "RHSA-2016:1475",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1475"
},
{
"name": "openSUSE-SU-2016:2051",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"name": "1036365",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036365"
},
{
"name": "GLSA-201701-43",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"name": "RHSA-2016:1477",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1477"
},
{
"name": "USN-3062-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3062-1"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:1476",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1476"
},
{
"name": "SUSE-SU-2016:1997",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"name": "RHSA-2016:1458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1458"
},
{
"name": "openSUSE-SU-2016:2050",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"name": "openSUSE-SU-2016:1979",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "USN-3077-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3077-1"
},
{
"name": "RHSA-2016:1776",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
},
{
"name": "openSUSE-SU-2016:2058",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"name": "RHSA-2016:1504",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-3508",
"datePublished": "2016-07-21T10:00:00",
"dateReserved": "2016-03-17T00:00:00",
"dateUpdated": "2024-10-11T20:52:08.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5547 (GCVE-0-2016-5547)
Vulnerability from cvelistv5
Published
2017-01-27 22:01
Modified
2024-10-09 20:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Availability impacts).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:07:57.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95521",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95521"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-5547",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T19:25:40.328122Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T20:04:11.345Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java SE",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "7u121"
},
{
"status": "affected",
"version": "8u112"
}
]
},
{
"product": "Java SE Embedded",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "8u111"
}
]
},
{
"product": "JRockit",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "R28.3.12"
}
]
}
],
"datePublic": "2017-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Availability impacts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "95521",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95521"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java SE",
"version": {
"version_data": [
{
"version_value": "7u121"
},
{
"version_value": "8u112"
}
]
}
},
{
"product_name": "Java SE Embedded",
"version": {
"version_data": [
{
"version_value": "8u111"
}
]
}
},
{
"product_name": "JRockit",
"version": {
"version_data": [
{
"version_value": "R28.3.12"
}
]
}
}
]
},
"vendor_name": "Oracle"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Availability impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95521",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95521"
},
{
"name": "DSA-3782",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0263",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-5547",
"datePublished": "2017-01-27T22:01:00",
"dateReserved": "2016-06-16T00:00:00",
"dateUpdated": "2024-10-09T20:04:11.345Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2629 (GCVE-0-2018-2629)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.597Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102615",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102615"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2629",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:23:46.580396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:39:41.707Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "102615",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102615"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2629",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102615"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2629",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:39:41.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2657 (GCVE-0-2018-2657)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit.
Summary
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161; JRockit: R28.3.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"name": "102629",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102629"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2657",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:12:40.369651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:36:25.506Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"name": "102629",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102629"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"name": "102629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102629"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2657",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:36:25.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2800 (GCVE-0-2018-2800)
Vulnerability from cvelistv5
Published
2018-04-19 02:00
Modified
2024-10-03 20:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data.
Summary
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u181 Version: 7u171 Version: 8u162; JRockit: R28.3.17 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:44.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name": "103849",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103849"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2800",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:26:17.783525Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:17:49.066Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u181"
},
{
"status": "affected",
"version": "7u171"
},
{
"status": "affected",
"version": "8u162; JRockit: R28.3.17"
}
]
}
],
"datePublic": "2018-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-20T00:06:04",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name": "103849",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103849"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u181"
},
{
"version_affected": "=",
"version_value": "7u171"
},
{
"version_affected": "=",
"version_value": "8u162; JRockit: R28.3.17"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181, 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, JRockit accessible data as well as unauthorized read access to a subset of Java SE, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1278",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name": "103849",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103849"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2800",
"datePublished": "2018-04-19T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:17:49.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3557 (GCVE-0-2011-3557)
Vulnerability from cvelistv5
Published
2011-10-19 21:00
Modified
2024-08-06 23:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:48.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "50234",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50234"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "48692",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48692"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SSRT100805",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "oracle-jre-rmi-unspecified(70836)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70836"
},
{
"name": "HPSBUX02730",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0602",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
},
{
"name": "SUSE-SU-2012:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "oval:org.mitre.oval:def:14373",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14373"
},
{
"name": "SSRT100710",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "48948",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48948"
},
{
"name": "RHSA-2011:1384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "48915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48915"
},
{
"name": "76506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/76506"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "RHSA-2012:0508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
},
{
"name": "SSRT100867",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "49198",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49198"
},
{
"name": "RHSA-2012:0006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"name": "SUSE-SU-2012:0122",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"name": "HPSBUX02777",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "HPSBUX02760",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "SSRT100854",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "1026215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "HPSBMU02797",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "50234",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50234"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "48692",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48692"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SSRT100805",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "oracle-jre-rmi-unspecified(70836)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70836"
},
{
"name": "HPSBUX02730",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0602",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
},
{
"name": "SUSE-SU-2012:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "oval:org.mitre.oval:def:14373",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14373"
},
{
"name": "SSRT100710",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "48948",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48948"
},
{
"name": "RHSA-2011:1384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "48915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48915"
},
{
"name": "76506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/76506"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "RHSA-2012:0508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
},
{
"name": "SSRT100867",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "49198",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49198"
},
{
"name": "RHSA-2012:0006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"name": "SUSE-SU-2012:0122",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"name": "HPSBUX02777",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "HPSBUX02760",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "SSRT100854",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "1026215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "HPSBMU02797",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2011-3557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "50234",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50234"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "48692",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48692"
},
{
"name": "HPSBMU02799",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SSRT100805",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "48308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48308"
},
{
"name": "oracle-jre-rmi-unspecified(70836)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70836"
},
{
"name": "HPSBUX02730",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0602",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
},
{
"name": "SUSE-SU-2012:0114",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "oval:org.mitre.oval:def:14373",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14373"
},
{
"name": "SSRT100710",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "48948",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48948"
},
{
"name": "RHSA-2011:1384",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "48915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48915"
},
{
"name": "76506",
"refsource": "OSVDB",
"url": "http://osvdb.org/76506"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "RHSA-2012:0508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
},
{
"name": "SSRT100867",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "49198",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49198"
},
{
"name": "RHSA-2012:0006",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"name": "SUSE-SU-2012:0122",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"name": "HPSBUX02777",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "HPSBUX02760",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "SSRT100854",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "1026215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "HPSBMU02797",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2011-3557",
"datePublished": "2011-10-19T21:00:00",
"dateReserved": "2011-09-16T00:00:00",
"dateUpdated": "2024-08-06T23:37:48.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4263 (GCVE-0-2014-4263)
Vulnerability from cvelistv5
Published
2014-07-17 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:12:34.760Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-2987",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"name": "60129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60129"
},
{
"name": "62314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62314"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21681644"
},
{
"name": "58830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58830"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "DSA-2980",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"name": "1030577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030577"
},
{
"name": "61254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61254"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529"
},
{
"name": "59987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59987"
},
{
"name": "60335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60335"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "68636",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68636"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "60831",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60831"
},
{
"name": "60846",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60846"
},
{
"name": "61846",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61846"
},
{
"name": "60812",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60812"
},
{
"name": "61264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61264"
},
{
"name": "60890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60890"
},
{
"name": "61469",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61469"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "60180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60180"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "61215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61215"
},
{
"name": "60002",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60002"
},
{
"name": "61294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61294"
},
{
"name": "59986",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "60245",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60245"
},
{
"name": "60817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60817"
},
{
"name": "59924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59924"
},
{
"name": "61577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61577"
},
{
"name": "RHSA-2014:0908",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"name": "61278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61278"
},
{
"name": "60497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60497"
},
{
"name": "oracle-cpujul2014-cve20144263(94606)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94606"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "60485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60485"
},
{
"name": "59680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59680"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"name": "60622",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60622"
},
{
"name": "61293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61293"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"name": "60081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60081"
},
{
"name": "60032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"name": "RHSA-2014:0902",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"name": "60326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60326"
},
{
"name": "59985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59985"
},
{
"name": "61640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61640"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"name": "59503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59503"
},
{
"name": "60839",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60839"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "60317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60317"
},
{
"name": "60031",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60031"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "62319",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62319"
},
{
"name": "59404",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59404"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to \"Diffie-Hellman key agreement.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "DSA-2987",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"name": "60129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60129"
},
{
"name": "62314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62314"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21681644"
},
{
"name": "58830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58830"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "DSA-2980",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"name": "1030577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030577"
},
{
"name": "61254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61254"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529"
},
{
"name": "59987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59987"
},
{
"name": "60335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60335"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "68636",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68636"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "60831",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60831"
},
{
"name": "60846",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60846"
},
{
"name": "61846",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61846"
},
{
"name": "60812",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60812"
},
{
"name": "61264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61264"
},
{
"name": "60890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60890"
},
{
"name": "61469",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61469"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "60180",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60180"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "61215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61215"
},
{
"name": "60002",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60002"
},
{
"name": "61294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61294"
},
{
"name": "59986",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "60245",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60245"
},
{
"name": "60817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60817"
},
{
"name": "59924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59924"
},
{
"name": "61577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61577"
},
{
"name": "RHSA-2014:0908",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"name": "61278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61278"
},
{
"name": "60497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60497"
},
{
"name": "oracle-cpujul2014-cve20144263(94606)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94606"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "60485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60485"
},
{
"name": "59680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59680"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"name": "60622",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60622"
},
{
"name": "61293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61293"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"name": "60081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60081"
},
{
"name": "60032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"name": "RHSA-2014:0902",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"name": "60326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60326"
},
{
"name": "59985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59985"
},
{
"name": "61640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61640"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"name": "59503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59503"
},
{
"name": "60839",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60839"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "60317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60317"
},
{
"name": "60031",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60031"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "62319",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62319"
},
{
"name": "59404",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59404"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-4263",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to \"Diffie-Hellman key agreement.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2987",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"name": "60129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60129"
},
{
"name": "62314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62314"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21681644",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21681644"
},
{
"name": "58830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58830"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"name": "HPSBUX03091",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "DSA-2980",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"name": "1030577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030577"
},
{
"name": "61254",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61254"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529"
},
{
"name": "59987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59987"
},
{
"name": "60335",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60335"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"name": "SSRT101667",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "68636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68636"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "60831",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60831"
},
{
"name": "60846",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60846"
},
{
"name": "61846",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61846"
},
{
"name": "60812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60812"
},
{
"name": "61264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61264"
},
{
"name": "60890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60890"
},
{
"name": "61469",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61469"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21683518",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "60180",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60180"
},
{
"name": "SUSE-SU-2015:0376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "61215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61215"
},
{
"name": "60002",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60002"
},
{
"name": "61294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61294"
},
{
"name": "59986",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59986"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "60245",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60245"
},
{
"name": "60817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60817"
},
{
"name": "59924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59924"
},
{
"name": "61577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61577"
},
{
"name": "RHSA-2014:0908",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"name": "61278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61278"
},
{
"name": "60497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60497"
},
{
"name": "oracle-cpujul2014-cve20144263(94606)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94606"
},
{
"name": "SUSE-SU-2015:0392",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "60485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60485"
},
{
"name": "59680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59680"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"name": "60622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60622"
},
{
"name": "61293",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61293"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21680418",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"name": "60081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60081"
},
{
"name": "60032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60032"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"name": "RHSA-2014:0902",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"name": "60326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60326"
},
{
"name": "59985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59985"
},
{
"name": "61640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61640"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"name": "59503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59503"
},
{
"name": "60839",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60839"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "60317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60317"
},
{
"name": "60031",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60031"
},
{
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "62319",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62319"
},
{
"name": "59404",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59404"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-4263",
"datePublished": "2014-07-17T10:00:00",
"dateReserved": "2014-06-17T00:00:00",
"dateUpdated": "2024-08-06T11:12:34.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6457 (GCVE-0-2014-6457)
Vulnerability from cvelistv5
Published
2014-10-15 15:15
Modified
2024-08-06 12:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:24.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "RHSA-2014:1877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "61609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61609"
},
{
"name": "61928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61163"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "USN-2386-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "RHSA-2014:1881",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "61629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61629"
},
{
"name": "SUSE-SU-2014:1549",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "61018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61018"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61346"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "RHSA-2014:1634",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "DSA-3080",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "70538",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70538"
},
{
"name": "SUSE-SU-2014:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "60416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1882",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2014:1633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61164"
},
{
"name": "61635",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61635"
},
{
"name": "SSRT101770",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"name": "61020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61143"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "60417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "60414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "RHSA-2014:1877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "61609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61609"
},
{
"name": "61928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61163"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "USN-2386-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "RHSA-2014:1881",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "61629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61629"
},
{
"name": "SUSE-SU-2014:1549",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "61018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61018"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61346"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "RHSA-2014:1634",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "DSA-3080",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "70538",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70538"
},
{
"name": "SUSE-SU-2014:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "60416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1882",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2014:1633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61164"
},
{
"name": "61635",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61635"
},
{
"name": "SSRT101770",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"name": "61020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61143"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "60417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60414",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1880",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1657",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "RHSA-2014:1877",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "61609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61609"
},
{
"name": "61928",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61163"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "USN-2386-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1633.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "RHSA-2014:1881",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "61629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61629"
},
{
"name": "SUSE-SU-2014:1549",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "61018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61018"
},
{
"name": "SUSE-SU-2015:0376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1634.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61346"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "RHSA-2014:1634",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "DSA-3080",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "SUSE-SU-2015:0392",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "70538",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70538"
},
{
"name": "SUSE-SU-2014:1526",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "60416",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1882",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2014:1633",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61164"
},
{
"name": "61635",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61635"
},
{
"name": "SSRT101770",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1636",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"name": "61020",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61143"
},
{
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "60417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-6457",
"datePublished": "2014-10-15T15:15:00",
"dateReserved": "2014-09-17T00:00:00",
"dateUpdated": "2024-08-06T12:17:24.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0411 (GCVE-0-2014-0411)
Vulnerability from cvelistv5
Published
2014-01-15 02:50
Modified
2024-08-06 09:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:10.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669519"
},
{
"name": "56432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56432"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "59705",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59705"
},
{
"name": "59324",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59324"
},
{
"name": "RHSA-2014:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc"
},
{
"name": "openSUSE-SU-2014:0174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name": "SSRT101455",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "RHSA-2014:0135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name": "oracle-cpujan2014-cve20140411(90357)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90357"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682904"
},
{
"name": "59251",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59251"
},
{
"name": "56535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56535"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "59194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59194"
},
{
"name": "60498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60498"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21677913"
},
{
"name": "60833",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60833"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
},
{
"name": "RHSA-2014:0030",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name": "RHSA-2014:0097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656"
},
{
"name": "60005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60005"
},
{
"name": "60835",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60835"
},
{
"name": "56485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56485"
},
{
"name": "57809",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57809"
},
{
"name": "64918",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64918"
},
{
"name": "59071",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59071"
},
{
"name": "SSRT101454",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675938"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675223"
},
{
"name": "59339",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59339"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682671"
},
{
"name": "59872",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59872"
},
{
"name": "59283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59283"
},
{
"name": "HPSBUX02972",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "RHSA-2014:0027",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21672078"
},
{
"name": "56486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56486"
},
{
"name": "SUSE-SU-2014:0451",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name": "HPSBUX02973",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "59254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59254"
},
{
"name": "1029608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029608"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004745"
},
{
"name": "59665",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59665"
},
{
"name": "USN-2124-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"name": "56487",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56487"
},
{
"name": "SUSE-SU-2014:0266",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
},
{
"name": "59037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59037"
},
{
"name": "59082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59082"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680234"
},
{
"name": "102028",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102028"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676978"
},
{
"name": "RHSA-2014:0026",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "59704",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59704"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682668"
},
{
"name": "SUSE-SU-2014:0246",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "60836",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60836"
},
{
"name": "RHSA-2014:0134",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682670"
},
{
"name": "59235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59235"
},
{
"name": "openSUSE-SU-2014:0180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name": "openSUSE-SU-2014:0177",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669519"
},
{
"name": "56432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56432"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "59705",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59705"
},
{
"name": "59324",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59324"
},
{
"name": "RHSA-2014:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc"
},
{
"name": "openSUSE-SU-2014:0174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name": "SSRT101455",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "RHSA-2014:0135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name": "oracle-cpujan2014-cve20140411(90357)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90357"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682904"
},
{
"name": "59251",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59251"
},
{
"name": "56535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56535"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "59194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59194"
},
{
"name": "60498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60498"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21677913"
},
{
"name": "60833",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60833"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
},
{
"name": "RHSA-2014:0030",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name": "RHSA-2014:0097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656"
},
{
"name": "60005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60005"
},
{
"name": "60835",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60835"
},
{
"name": "56485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56485"
},
{
"name": "57809",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57809"
},
{
"name": "64918",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64918"
},
{
"name": "59071",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59071"
},
{
"name": "SSRT101454",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675938"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675223"
},
{
"name": "59339",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59339"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682671"
},
{
"name": "59872",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59872"
},
{
"name": "59283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59283"
},
{
"name": "HPSBUX02972",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "RHSA-2014:0027",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21672078"
},
{
"name": "56486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56486"
},
{
"name": "SUSE-SU-2014:0451",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name": "HPSBUX02973",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "59254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59254"
},
{
"name": "1029608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029608"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004745"
},
{
"name": "59665",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59665"
},
{
"name": "USN-2124-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"name": "56487",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56487"
},
{
"name": "SUSE-SU-2014:0266",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
},
{
"name": "59037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59037"
},
{
"name": "59082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59082"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680234"
},
{
"name": "102028",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102028"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676978"
},
{
"name": "RHSA-2014:0026",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "59704",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59704"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682668"
},
{
"name": "SUSE-SU-2014:0246",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "60836",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60836"
},
{
"name": "RHSA-2014:0134",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682670"
},
{
"name": "59235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59235"
},
{
"name": "openSUSE-SU-2014:0180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name": "openSUSE-SU-2014:0177",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-0411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676373"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21669519",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21669519"
},
{
"name": "56432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56432"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "59705",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59705"
},
{
"name": "59324",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59324"
},
{
"name": "RHSA-2014:0136",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"name": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc",
"refsource": "CONFIRM",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc"
},
{
"name": "openSUSE-SU-2014:0174",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name": "SSRT101455",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "RHSA-2014:0135",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name": "oracle-cpujan2014-cve20140411(90357)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90357"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682904",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682904"
},
{
"name": "59251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59251"
},
{
"name": "56535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56535"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "59194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59194"
},
{
"name": "60498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60498"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21677913",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21677913"
},
{
"name": "60833",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60833"
},
{
"name": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132",
"refsource": "CONFIRM",
"url": "http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132"
},
{
"name": "RHSA-2014:0030",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name": "RHSA-2014:0097",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656"
},
{
"name": "60005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60005"
},
{
"name": "60835",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60835"
},
{
"name": "56485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56485"
},
{
"name": "57809",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57809"
},
{
"name": "64918",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64918"
},
{
"name": "59071",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59071"
},
{
"name": "SSRT101454",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675938",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675938"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680387"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21675223",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21675223"
},
{
"name": "59339",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59339"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682671",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682671"
},
{
"name": "59872",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59872"
},
{
"name": "59283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59283"
},
{
"name": "HPSBUX02972",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "RHSA-2014:0027",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682669",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682669"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21672078",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21672078"
},
{
"name": "56486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56486"
},
{
"name": "SUSE-SU-2014:0451",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name": "HPSBUX02973",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "59254",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59254"
},
{
"name": "1029608",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004745",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1004745"
},
{
"name": "59665",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59665"
},
{
"name": "USN-2124-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"name": "56487",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56487"
},
{
"name": "SUSE-SU-2014:0266",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
},
{
"name": "59037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59037"
},
{
"name": "59082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59082"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680234",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680234"
},
{
"name": "102028",
"refsource": "OSVDB",
"url": "http://osvdb.org/102028"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676978",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676978"
},
{
"name": "RHSA-2014:0026",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "59704",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59704"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682668",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682668"
},
{
"name": "SUSE-SU-2014:0246",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "60836",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60836"
},
{
"name": "RHSA-2014:0134",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676190"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682670",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682670"
},
{
"name": "59235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59235"
},
{
"name": "openSUSE-SU-2014:0180",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name": "openSUSE-SU-2014:0177",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-0411",
"datePublished": "2014-01-15T02:50:00",
"dateReserved": "2013-12-12T00:00:00",
"dateUpdated": "2024-08-06T09:13:10.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3500 (GCVE-0-2016-3500)
Vulnerability from cvelistv5
Published
2016-07-21 10:00
Modified
2024-10-11 20:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:56:14.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3043-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3043-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "GLSA-201610-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "SUSE-SU-2016:2012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"name": "openSUSE-SU-2016:2052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"name": "DSA-3641",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3641"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"name": "RHSA-2016:1475",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1475"
},
{
"name": "openSUSE-SU-2016:2051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"name": "1036365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036365"
},
{
"name": "GLSA-201701-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"name": "RHSA-2016:1477",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1477"
},
{
"name": "USN-3062-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3062-1"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:1476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1476"
},
{
"name": "SUSE-SU-2016:1997",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"name": "RHSA-2016:1458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1458"
},
{
"name": "openSUSE-SU-2016:2050",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"name": "openSUSE-SU-2016:1979",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "USN-3077-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3077-1"
},
{
"name": "RHSA-2016:1776",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
},
{
"name": "openSUSE-SU-2016:2058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"name": "RHSA-2016:1504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-3500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T20:11:31.143802Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T20:52:59.266Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-09T10:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "USN-3043-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3043-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "GLSA-201610-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "SUSE-SU-2016:2012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"name": "openSUSE-SU-2016:2052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"name": "DSA-3641",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3641"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"name": "RHSA-2016:1475",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1475"
},
{
"name": "openSUSE-SU-2016:2051",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"name": "1036365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036365"
},
{
"name": "GLSA-201701-43",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"name": "RHSA-2016:1477",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1477"
},
{
"name": "USN-3062-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3062-1"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:1476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1476"
},
{
"name": "SUSE-SU-2016:1997",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"name": "RHSA-2016:1458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1458"
},
{
"name": "openSUSE-SU-2016:2050",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"name": "openSUSE-SU-2016:1979",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "USN-3077-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3077-1"
},
{
"name": "RHSA-2016:1776",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
},
{
"name": "openSUSE-SU-2016:2058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"name": "RHSA-2016:1504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3043-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3043-1"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "GLSA-201610-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "SUSE-SU-2016:2012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
},
{
"name": "openSUSE-SU-2016:2052",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
},
{
"name": "DSA-3641",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3641"
},
{
"name": "https://security.netapp.com/advisory/ntap-20160721-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
},
{
"name": "RHSA-2016:1475",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1475"
},
{
"name": "openSUSE-SU-2016:2051",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
},
{
"name": "1036365",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036365"
},
{
"name": "GLSA-201701-43",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"name": "RHSA-2016:1477",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1477"
},
{
"name": "USN-3062-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3062-1"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:1476",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1476"
},
{
"name": "SUSE-SU-2016:1997",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
},
{
"name": "RHSA-2016:1458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1458"
},
{
"name": "openSUSE-SU-2016:2050",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10166"
},
{
"name": "openSUSE-SU-2016:1979",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
},
{
"name": "USN-3077-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3077-1"
},
{
"name": "RHSA-2016:1776",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
},
{
"name": "openSUSE-SU-2016:2058",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
},
{
"name": "RHSA-2016:1504",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-3500",
"datePublished": "2016-07-21T10:00:00",
"dateReserved": "2016-03-17T00:00:00",
"dateUpdated": "2024-10-11T20:52:59.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2625 (GCVE-0-2015-2625)
Vulnerability from cvelistv5
Published
2015-07-16 10:00
Modified
2024-08-06 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:17:27.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:1243",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "RHSA-2015:1229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "75895",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75895"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "RHSA-2015:1486",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "DSA-3339",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "RHSA-2015:1488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "RHSA-2015:1604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2015:1243",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "RHSA-2015:1229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "75895",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75895"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "RHSA-2015:1486",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "DSA-3339",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "RHSA-2015:1488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "RHSA-2015:1604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:1243",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "SUSE-SU-2015:2192",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "RHSA-2015:1229",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "75895",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75895"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "SUSE-SU-2015:2166",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "GLSA-201603-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "RHSA-2015:1486",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "DSA-3339",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "RHSA-2015:1488",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "RHSA-2015:1604",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-2625",
"datePublished": "2015-07-16T10:00:00",
"dateReserved": "2015-03-20T00:00:00",
"dateUpdated": "2024-08-06T05:17:27.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-2601 (GCVE-0-2015-2601)
Vulnerability from cvelistv5
Published
2015-07-16 10:00
Modified
2024-08-06 05:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:17:27.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:1243",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "RHSA-2015:1229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "RHSA-2015:1486",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "75867",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75867"
},
{
"name": "DSA-3339",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "1037732",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037732"
},
{
"name": "RHSA-2015:1488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "RHSA-2015:1604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2015:1243",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "RHSA-2015:1229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "RHSA-2015:1486",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "75867",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75867"
},
{
"name": "DSA-3339",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "1037732",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037732"
},
{
"name": "RHSA-2015:1488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "RHSA-2015:1604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:1243",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "RHSA-2015:1229",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1544",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "GLSA-201603-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "RHSA-2015:1486",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "75867",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75867"
},
{
"name": "DSA-3339",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "1037732",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037732"
},
{
"name": "RHSA-2015:1488",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "RHSA-2015:1604",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-2601",
"datePublished": "2015-07-16T10:00:00",
"dateReserved": "2015-03-20T00:00:00",
"dateUpdated": "2024-08-06T05:17:27.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2678 (GCVE-0-2018-2678)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161 Version: 8u152 Version: 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:43.149Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "102659",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102659"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2678",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:24:12.973702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:33:42.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161"
},
{
"status": "affected",
"version": "8u152"
},
{
"status": "affected",
"version": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "102659",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102659"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2678",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161"
},
{
"version_affected": "=",
"version_value": "8u152"
},
{
"version_affected": "=",
"version_value": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:0351",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "102659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102659"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2678",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:33:42.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-3183 (GCVE-0-2018-3183)
Vulnerability from cvelistv5
Published
2018-10-17 01:00
Modified
2024-10-02 19:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 8u181, 11 Version: Java SE Embedded: 8u181 Version: JRockit: R28.3.19 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:43:35.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3534",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "105622",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105622"
},
{
"name": "USN-3804-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3852",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "RHSA-2018:2943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "1041889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"name": "GLSA-201908-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-3183",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:16:11.691088Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:38:58.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 8u181, 11"
},
{
"status": "affected",
"version": "Java SE Embedded: 8u181"
},
{
"status": "affected",
"version": "JRockit: R28.3.19"
}
]
}
],
"datePublic": "2018-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T23:06:10",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3534",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "105622",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105622"
},
{
"name": "USN-3804-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3852",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "RHSA-2018:2943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "1041889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"name": "GLSA-201908-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-3183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 8u181, 11"
},
{
"version_affected": "=",
"version_value": "Java SE Embedded: 8u181"
},
{
"version_affected": "=",
"version_value": "JRockit: R28.3.19"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.netapp.com/advisory/ntap-20181018-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3534",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3003",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "105622",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105622"
},
{
"name": "USN-3804-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3852",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "RHSA-2018:2943",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "1041889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"name": "GLSA-201908-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-3183",
"datePublished": "2018-10-17T01:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-02T19:38:58.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0423 (GCVE-0-2014-0423)
Vulnerability from cvelistv5
Published
2014-01-15 02:50
Modified
2024-08-06 09:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:10.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56432"
},
{
"name": "oracle-cpujan2014-cve20140423(90340)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90340"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "RHSA-2014:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"name": "openSUSE-SU-2014:0174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name": "SSRT101455",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "RHSA-2014:0135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name": "64914",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64914"
},
{
"name": "56535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56535"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066"
},
{
"name": "RHSA-2014:0030",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name": "RHSA-2014:0097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"name": "56485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56485"
},
{
"name": "SSRT101454",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"name": "59283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59283"
},
{
"name": "HPSBUX02972",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "RHSA-2014:0027",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"name": "56486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56486"
},
{
"name": "SUSE-SU-2014:0451",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name": "HPSBUX02973",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "1029608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029608"
},
{
"name": "USN-2124-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"name": "56487",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56487"
},
{
"name": "SUSE-SU-2014:0266",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
},
{
"name": "RHSA-2014:0026",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679287"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "SUSE-SU-2014:0246",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"name": "60568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60568"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "RHSA-2014:0134",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5"
},
{
"name": "openSUSE-SU-2014:0180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name": "openSUSE-SU-2014:0177",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "56432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56432"
},
{
"name": "oracle-cpujan2014-cve20140423(90340)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90340"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "RHSA-2014:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"name": "openSUSE-SU-2014:0174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name": "SSRT101455",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "RHSA-2014:0135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name": "64914",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64914"
},
{
"name": "56535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56535"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066"
},
{
"name": "RHSA-2014:0030",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name": "RHSA-2014:0097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"name": "56485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56485"
},
{
"name": "SSRT101454",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"name": "59283",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59283"
},
{
"name": "HPSBUX02972",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "RHSA-2014:0027",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"name": "56486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56486"
},
{
"name": "SUSE-SU-2014:0451",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name": "HPSBUX02973",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "1029608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029608"
},
{
"name": "USN-2124-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"name": "56487",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56487"
},
{
"name": "SUSE-SU-2014:0266",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
},
{
"name": "RHSA-2014:0026",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679287"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "SUSE-SU-2014:0246",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"name": "60568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60568"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "RHSA-2014:0134",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5"
},
{
"name": "openSUSE-SU-2014:0180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name": "openSUSE-SU-2014:0177",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-0423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56432"
},
{
"name": "oracle-cpujan2014-cve20140423(90340)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90340"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "RHSA-2014:0136",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"name": "openSUSE-SU-2014:0174",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name": "SSRT101455",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "RHSA-2014:0135",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name": "64914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64914"
},
{
"name": "56535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56535"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066"
},
{
"name": "RHSA-2014:0030",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name": "RHSA-2014:0097",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"name": "56485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56485"
},
{
"name": "SSRT101454",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"name": "59283",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59283"
},
{
"name": "HPSBUX02972",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "RHSA-2014:0027",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"name": "56486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56486"
},
{
"name": "SUSE-SU-2014:0451",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name": "HPSBUX02973",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "1029608",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"name": "USN-2124-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"name": "56487",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56487"
},
{
"name": "SUSE-SU-2014:0266",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677388"
},
{
"name": "RHSA-2014:0026",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679287",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679287"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "SUSE-SU-2014:0246",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"name": "60568",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60568"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "RHSA-2014:0134",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"name": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5",
"refsource": "CONFIRM",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/995b32f013f5"
},
{
"name": "openSUSE-SU-2014:0180",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name": "openSUSE-SU-2014:0177",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-0423",
"datePublished": "2014-01-15T02:50:00",
"dateReserved": "2013-12-12T00:00:00",
"dateUpdated": "2024-08-06T09:13:10.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2798 (GCVE-0-2018-2798)
Vulnerability from cvelistv5
Published
2018-04-19 02:00
Modified
2025-05-06 14:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u181 Version: 7u171 Version: 8u162 Version: 10; Java SE Embedded: 8u161; JRockit: R28.3.17 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:44.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "103841",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103841"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-2798",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:33.639895Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T14:59:08.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u181"
},
{
"status": "affected",
"version": "7u171"
},
{
"status": "affected",
"version": "8u162"
},
{
"status": "affected",
"version": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
],
"datePublic": "2018-03-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-20T00:06:05.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "103841",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103841"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2798",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u181"
},
{
"version_affected": "=",
"version_value": "7u171"
},
{
"version_affected": "=",
"version_value": "8u162"
},
{
"version_affected": "=",
"version_value": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1278",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "103841",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103841"
},
{
"name": "RHSA-2018:1202",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2798",
"datePublished": "2018-04-19T02:00:00.000Z",
"dateReserved": "2017-12-15T00:00:00.000Z",
"dateUpdated": "2025-05-06T14:59:08.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2797 (GCVE-0-2018-2797)
Vulnerability from cvelistv5
Published
2018-04-19 02:00
Modified
2024-10-03 20:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u181 Version: 7u171 Version: 8u162 Version: 10; Java SE Embedded: 8u161; JRockit: R28.3.17 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:44.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "103846",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103846"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2797",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:13:35.233756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:18:04.476Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u181"
},
{
"status": "affected",
"version": "7u171"
},
{
"status": "affected",
"version": "8u162"
},
{
"status": "affected",
"version": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
],
"datePublic": "2018-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-20T00:06:05",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "103846",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103846"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2797",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u181"
},
{
"version_affected": "=",
"version_value": "7u171"
},
{
"version_affected": "=",
"version_value": "8u162"
},
{
"version_affected": "=",
"version_value": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1278",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "103846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103846"
},
{
"name": "RHSA-2018:1724",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "RHSA-2018:1722",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2797",
"datePublished": "2018-04-19T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:18:04.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4872 (GCVE-0-2015-4872)
Vulnerability from cvelistv5
Published
2015-10-21 23:00
Modified
2024-08-06 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:25:21.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "openSUSE-SU-2015:1906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:2507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"name": "RHSA-2015:1928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2015:2506",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"name": "RHSA-2015:2509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"name": "1033884",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "RHSA-2015:2518",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "openSUSE-SU-2015:1971",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "77211",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77211"
},
{
"name": "RHSA-2015:1921",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "RHSA-2015:2508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-22T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "openSUSE-SU-2015:1906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:2507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"name": "RHSA-2015:1928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2015:2506",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"name": "RHSA-2015:2509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"name": "1033884",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "RHSA-2015:2518",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "openSUSE-SU-2015:1971",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "77211",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77211"
},
{
"name": "RHSA-2015:1921",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "RHSA-2015:2508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4872",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2015:2182",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "openSUSE-SU-2015:1906",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:2507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"name": "RHSA-2015:1928",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "RHSA-2016:1430",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2015:2506",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"name": "RHSA-2015:2509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"name": "1033884",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "RHSA-2015:2518",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "openSUSE-SU-2015:1971",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "77211",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77211"
},
{
"name": "RHSA-2015:1921",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "RHSA-2015:2508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-4872",
"datePublished": "2015-10-21T23:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:25:21.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1006 (GCVE-0-2009-1006)
Vulnerability from cvelistv5
Published
2009-04-15 10:00
Modified
2024-08-07 04:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1022059",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022059"
},
{
"name": "34461",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "TA09-105A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-04-18T09:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "1022059",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022059"
},
{
"name": "34461",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "TA09-105A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2009-1006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1022059",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022059"
},
{
"name": "34461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "TA09-105A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2009-1006",
"datePublished": "2009-04-15T10:00:00",
"dateReserved": "2009-03-19T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5823 (GCVE-0-2013-5823)
Vulnerability from cvelistv5
Published
2013-10-16 17:31
Modified
2024-08-06 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:31.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "oval:org.mitre.oval:def:18783",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18783"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "oval:org.mitre.oval:def:18783",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18783"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "oval:org.mitre.oval:def:18783",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18783"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5823",
"datePublished": "2013-10-16T17:31:00",
"dateReserved": "2013-09-18T00:00:00",
"dateUpdated": "2024-08-06T17:22:31.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3551 (GCVE-0-2011-3551)
Vulnerability from cvelistv5
Published
2011-10-19 21:00
Modified
2024-08-06 23:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:48.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "HPSBUX02730",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT100710",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "50224",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50224"
},
{
"name": "oval:org.mitre.oval:def:14318",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14318"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "oracle-jre-2d-unspecified(70842)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70842"
},
{
"name": "1026215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "HPSBMU02797",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "HPSBUX02730",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT100710",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "50224",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50224"
},
{
"name": "oval:org.mitre.oval:def:14318",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14318"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "oracle-jre-2d-unspecified(70842)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70842"
},
{
"name": "1026215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "HPSBMU02797",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2011-3551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "48308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48308"
},
{
"name": "HPSBUX02730",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0114",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT100710",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1384",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "50224",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50224"
},
{
"name": "oval:org.mitre.oval:def:14318",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14318"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "oracle-jre-2d-unspecified(70842)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70842"
},
{
"name": "1026215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "HPSBMU02797",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2011-3551",
"datePublished": "2011-10-19T21:00:00",
"dateReserved": "2011-09-16T00:00:00",
"dateUpdated": "2024-08-06T23:37:48.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2461 (GCVE-0-2013-2461)
Vulnerability from cvelistv5
Published
2013-06-18 22:00
Modified
2024-08-06 15:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm."
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/abe9ea5a50d2"
},
{
"name": "HPSBUX02908",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "oval:org.mitre.oval:def:16887",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16887"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"name": "HPSBUX02907",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54154"
},
{
"name": "oval:org.mitre.oval:def:19582",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19582"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:19565",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19565"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "TA13-169A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2013-0185.html"
},
{
"name": "RHSA-2013:0963",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
},
{
"name": "60645",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60645"
},
{
"name": "MDVSA-2013:183",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=975126"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a \"Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/abe9ea5a50d2"
},
{
"name": "HPSBUX02908",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "oval:org.mitre.oval:def:16887",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16887"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"name": "HPSBUX02907",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54154"
},
{
"name": "oval:org.mitre.oval:def:19582",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19582"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:19565",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19565"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "TA13-169A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2013-0185.html"
},
{
"name": "RHSA-2013:0963",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
},
{
"name": "60645",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60645"
},
{
"name": "MDVSA-2013:183",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=975126"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-2461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a \"Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/abe9ea5a50d2",
"refsource": "MISC",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/abe9ea5a50d2"
},
{
"name": "HPSBUX02908",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "oval:org.mitre.oval:def:16887",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16887"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"name": "HPSBUX02907",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
},
{
"name": "54154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54154"
},
{
"name": "oval:org.mitre.oval:def:19582",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19582"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:19565",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19565"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "TA13-169A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
},
{
"name": "http://advisories.mageia.org/MGASA-2013-0185.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2013-0185.html"
},
{
"name": "RHSA-2013:0963",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
},
{
"name": "60645",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/60645"
},
{
"name": "MDVSA-2013:183",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=975126",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=975126"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-2461",
"datePublished": "2013-06-18T22:00:00",
"dateReserved": "2013-03-05T00:00:00",
"dateUpdated": "2024-08-06T15:36:46.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2795 (GCVE-0-2018-2795)
Vulnerability from cvelistv5
Published
2018-04-19 02:00
Modified
2024-10-03 20:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u181 Version: 7u171 Version: 8u162 Version: 10; Java SE Embedded: 8u161; JRockit: R28.3.17 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:29:44.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103847",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103847"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2795",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:13:32.761597Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:18:11.453Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u181"
},
{
"status": "affected",
"version": "7u171"
},
{
"status": "affected",
"version": "8u162"
},
{
"status": "affected",
"version": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
],
"datePublic": "2018-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-20T00:06:05",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103847",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103847"
},
{
"name": "RHSA-2018:1722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2795",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u181"
},
{
"version_affected": "=",
"version_value": "7u171"
},
{
"version_affected": "=",
"version_value": "8u162"
},
{
"version_affected": "=",
"version_value": "10; Java SE Embedded: 8u161; JRockit: R28.3.17"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1278",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1278"
},
{
"name": "DSA-4185",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4185"
},
{
"name": "RHSA-2018:1975",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1975"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03857en_us"
},
{
"name": "GLSA-201903-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-14"
},
{
"name": "DSA-4225",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4225"
},
{
"name": "1040697",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040697"
},
{
"name": "RHSA-2018:1724",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1724"
},
{
"name": "RHSA-2018:1203",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1203"
},
{
"name": "USN-3644-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3644-1/"
},
{
"name": "RHSA-2018:1723",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1723"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0001/"
},
{
"name": "RHSA-2018:1201",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1201"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1204"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103847"
},
{
"name": "RHSA-2018:1722",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1722"
},
{
"name": "RHSA-2018:1974",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1974"
},
{
"name": "RHSA-2018:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1205"
},
{
"name": "RHSA-2018:1721",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1721"
},
{
"name": "USN-3691-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3691-1/"
},
{
"name": "RHSA-2018:1202",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1202"
},
{
"name": "RHSA-2018:1191",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1191"
},
{
"name": "RHSA-2018:1188",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1188"
},
{
"name": "RHSA-2018:1206",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1206"
},
{
"name": "RHSA-2018:1270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1270"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03915en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2795",
"datePublished": "2018-04-19T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:18:11.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4803 (GCVE-0-2015-4803)
Vulnerability from cvelistv5
Published
2015-10-21 21:00
Modified
2024-08-06 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:25:21.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "77200",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77200"
},
{
"name": "openSUSE-SU-2015:1906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:2507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"name": "RHSA-2015:1928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2015:2506",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"name": "RHSA-2015:2509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"name": "1033884",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "openSUSE-SU-2015:1971",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "RHSA-2015:1921",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "RHSA-2015:2508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-22T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "77200",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77200"
},
{
"name": "openSUSE-SU-2015:1906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:2507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"name": "RHSA-2015:1928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2015:2506",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"name": "RHSA-2015:2509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"name": "1033884",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "openSUSE-SU-2015:1971",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "RHSA-2015:1921",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "RHSA-2015:2508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2015:2182",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "77200",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77200"
},
{
"name": "openSUSE-SU-2015:1906",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:2507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
},
{
"name": "RHSA-2015:1928",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "RHSA-2016:1430",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2015:2506",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
},
{
"name": "RHSA-2015:2509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
},
{
"name": "1033884",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "openSUSE-SU-2015:1971",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "RHSA-2015:1921",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "RHSA-2015:2508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-4803",
"datePublished": "2015-10-21T21:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:25:21.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2603 (GCVE-0-2018-2603)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161 Version: 8u152 Version: 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102625",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102625"
},
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:12:36.227363Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:42:31.548Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161"
},
{
"status": "affected",
"version": "8u152"
},
{
"status": "affected",
"version": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "102625",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102625"
},
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161"
},
{
"version_affected": "=",
"version_value": "8u152"
},
{
"version_affected": "=",
"version_value": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102625"
},
{
"name": "RHSA-2018:0351",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2603",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:42:31.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0460 (GCVE-0-2014-0460)
Vulnerability from cvelistv5
Published
2014-04-16 01:00
Modified
2024-08-06 09:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:10.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59642"
},
{
"name": "59022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59022"
},
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "59705",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59705"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676315"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59058"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "61264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61264"
},
{
"name": "59706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59706"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
},
{
"name": "59436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59436"
},
{
"name": "59071",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59071"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "66916",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66916"
},
{
"name": "60117",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "59516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59516"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
},
{
"name": "59023",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59023"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "59307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59307"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"name": "59082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59082"
},
{
"name": "59250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59250"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "59255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59255"
},
{
"name": "59704",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59704"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
},
{
"name": "60111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60111"
},
{
"name": "60003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "59642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59642"
},
{
"name": "59022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59022"
},
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "59705",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59705"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676315"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59058"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "61264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61264"
},
{
"name": "59706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59706"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
},
{
"name": "59436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59436"
},
{
"name": "59071",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59071"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "66916",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66916"
},
{
"name": "60117",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "59516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59516"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
},
{
"name": "59023",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59023"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "59307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59307"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"name": "59082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59082"
},
{
"name": "59250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59250"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "59255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59255"
},
{
"name": "59704",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59704"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
},
{
"name": "60111",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60111"
},
{
"name": "60003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-0460",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59642",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59642"
},
{
"name": "59022",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59022"
},
{
"name": "USN-2187-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "59705",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59705"
},
{
"name": "USN-2191-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"name": "HPSBUX03091",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676315",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676315"
},
{
"name": "RHSA-2014:0413",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "59058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59058"
},
{
"name": "SSRT101667",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "61264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61264"
},
{
"name": "59706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59706"
},
{
"name": "RHSA-2014:0685",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677294"
},
{
"name": "59436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59436"
},
{
"name": "59071",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59071"
},
{
"name": "DSA-2912",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "66916",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66916"
},
{
"name": "60117",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60117"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
},
{
"name": "58415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "59516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59516"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21677387",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
},
{
"name": "59023",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59023"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "59307",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59307"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21675343",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"name": "59082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59082"
},
{
"name": "59250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59250"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "59255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59255"
},
{
"name": "59704",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59704"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681018"
},
{
"name": "60111",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60111"
},
{
"name": "60003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60003"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21675588",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-0460",
"datePublished": "2014-04-16T01:00:00",
"dateReserved": "2013-12-12T00:00:00",
"dateUpdated": "2024-08-06T09:13:10.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4244 (GCVE-0-2014-4244)
Vulnerability from cvelistv5
Published
2014-07-17 10:00
Modified
2024-08-06 11:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:12:34.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-2987",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"name": "68624",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68624"
},
{
"name": "60129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60129"
},
{
"name": "62314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62314"
},
{
"name": "58830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58830"
},
{
"name": "oracle-cpujul2014-cve20144244(94605)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94605"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"name": "61050",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61050"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "DSA-2980",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"name": "1030577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030577"
},
{
"name": "61254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61254"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"name": "59987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59987"
},
{
"name": "60335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60335"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "60831",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60831"
},
{
"name": "60846",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60846"
},
{
"name": "61846",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61846"
},
{
"name": "60812",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60812"
},
{
"name": "61264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61264"
},
{
"name": "60890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60890"
},
{
"name": "61469",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61469"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "61215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61215"
},
{
"name": "60002",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60002"
},
{
"name": "61294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61294"
},
{
"name": "59986",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "60245",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60245"
},
{
"name": "61417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61417"
},
{
"name": "60817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60817"
},
{
"name": "59924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59924"
},
{
"name": "61577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61577"
},
{
"name": "RHSA-2014:0908",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"name": "61278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61278"
},
{
"name": "60497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60497"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "60485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60485"
},
{
"name": "59680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59680"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"name": "60622",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60622"
},
{
"name": "61293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61293"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"name": "60081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60081"
},
{
"name": "60032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"name": "RHSA-2014:0902",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"name": "60326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60326"
},
{
"name": "59985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59985"
},
{
"name": "61640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61640"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"name": "59503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59503"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "60317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60317"
},
{
"name": "60031",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60031"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "59404",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59404"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "DSA-2987",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"name": "68624",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68624"
},
{
"name": "60129",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60129"
},
{
"name": "62314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62314"
},
{
"name": "58830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58830"
},
{
"name": "oracle-cpujul2014-cve20144244(94605)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94605"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"name": "61050",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61050"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "DSA-2980",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"name": "1030577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030577"
},
{
"name": "61254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61254"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"name": "59987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59987"
},
{
"name": "60335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60335"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "60831",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60831"
},
{
"name": "60846",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60846"
},
{
"name": "61846",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61846"
},
{
"name": "60812",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60812"
},
{
"name": "61264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61264"
},
{
"name": "60890",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60890"
},
{
"name": "61469",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61469"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "61215",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61215"
},
{
"name": "60002",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60002"
},
{
"name": "61294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61294"
},
{
"name": "59986",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "60245",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60245"
},
{
"name": "61417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61417"
},
{
"name": "60817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60817"
},
{
"name": "59924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59924"
},
{
"name": "61577",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61577"
},
{
"name": "RHSA-2014:0908",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"name": "61278",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61278"
},
{
"name": "60497",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60497"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "60485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60485"
},
{
"name": "59680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59680"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"name": "60622",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60622"
},
{
"name": "61293",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61293"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"name": "60081",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60081"
},
{
"name": "60032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"name": "RHSA-2014:0902",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"name": "60326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60326"
},
{
"name": "59985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59985"
},
{
"name": "61640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61640"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"name": "59503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59503"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "60317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60317"
},
{
"name": "60031",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60031"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "59404",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59404"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-4244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2987",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2987"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685178"
},
{
"name": "68624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68624"
},
{
"name": "60129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60129"
},
{
"name": "62314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62314"
},
{
"name": "58830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58830"
},
{
"name": "oracle-cpujul2014-cve20144244(94605)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94605"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681966"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681379"
},
{
"name": "61050",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61050"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "HPSBUX03091",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "DSA-2980",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2980"
},
{
"name": "1030577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030577"
},
{
"name": "61254",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61254"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685242"
},
{
"name": "59987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59987"
},
{
"name": "60335",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60335"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683429"
},
{
"name": "SSRT101667",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "60831",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60831"
},
{
"name": "60846",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60846"
},
{
"name": "61846",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61846"
},
{
"name": "60812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60812"
},
{
"name": "61264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61264"
},
{
"name": "60890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60890"
},
{
"name": "61469",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61469"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21683518",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21683518"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "SUSE-SU-2015:0376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "61215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61215"
},
{
"name": "60002",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60002"
},
{
"name": "61294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61294"
},
{
"name": "59986",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59986"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "60245",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60245"
},
{
"name": "61417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61417"
},
{
"name": "60817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60817"
},
{
"name": "59924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59924"
},
{
"name": "61577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61577"
},
{
"name": "RHSA-2014:0908",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0908"
},
{
"name": "61278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61278"
},
{
"name": "60497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60497"
},
{
"name": "SUSE-SU-2015:0392",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "60485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60485"
},
{
"name": "59680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59680"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683438"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688893"
},
{
"name": "60622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60622"
},
{
"name": "61293",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61293"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21680418",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21680418"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10083"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685121"
},
{
"name": "60081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60081"
},
{
"name": "60032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60032"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686142"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685122"
},
{
"name": "RHSA-2014:0902",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0902"
},
{
"name": "60326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60326"
},
{
"name": "59985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59985"
},
{
"name": "61640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61640"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683338"
},
{
"name": "59503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59503"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "60317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60317"
},
{
"name": "60031",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60031"
},
{
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "59404",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59404"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-4244",
"datePublished": "2014-07-17T10:00:00",
"dateReserved": "2014-06-17T00:00:00",
"dateUpdated": "2024-08-06T11:12:34.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5825 (GCVE-0-2013-5825)
Vulnerability from cvelistv5
Published
2013-10-16 17:31
Modified
2024-08-06 17:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:31.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "oval:org.mitre.oval:def:19046",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19046"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "63101",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63101"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "oval:org.mitre.oval:def:19046",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19046"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "63101",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63101"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "oval:org.mitre.oval:def:19046",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19046"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "63101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63101"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5825",
"datePublished": "2013-10-16T17:31:00",
"dateReserved": "2013-09-18T00:00:00",
"dateUpdated": "2024-08-06T17:22:31.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2579 (GCVE-0-2018-2579)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161 Version: 8u152 Version: 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "102663",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102663"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2579",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:22:41.441702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:45:10.321Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161"
},
{
"status": "affected",
"version": "8u152"
},
{
"status": "affected",
"version": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "102663",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102663"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161"
},
{
"version_affected": "=",
"version_value": "8u152"
},
{
"version_affected": "=",
"version_value": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:0351",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "102663",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102663"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2579",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:45:10.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0483 (GCVE-0-2016-0483)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:22:54.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-032"
},
{
"name": "openSUSE-SU-2016:0272",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html"
},
{
"name": "1034715",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034715"
},
{
"name": "openSUSE-SU-2016:0279",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html"
},
{
"name": "GLSA-201610-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "USN-2884-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2884-1"
},
{
"name": "DSA-3465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3465"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name": "USN-2885-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2885-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2016:0049",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2016:0053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html"
},
{
"name": "SUSE-SU-2016:0269",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html"
},
{
"name": "RHSA-2016:0067",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html"
},
{
"name": "openSUSE-SU-2016:0263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html"
},
{
"name": "SUSE-SU-2016:0256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "RHSA-2016:0057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html"
},
{
"name": "RHSA-2016:0055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"name": "RHSA-2016:0054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html"
},
{
"name": "RHSA-2016:0056",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html"
},
{
"name": "openSUSE-SU-2016:0268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html"
},
{
"name": "RHSA-2016:0050",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
},
{
"name": "DSA-3458",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3458"
},
{
"name": "SUSE-SU-2016:0265",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-032"
},
{
"name": "openSUSE-SU-2016:0272",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html"
},
{
"name": "1034715",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034715"
},
{
"name": "openSUSE-SU-2016:0279",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html"
},
{
"name": "GLSA-201610-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "USN-2884-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2884-1"
},
{
"name": "DSA-3465",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3465"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name": "USN-2885-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2885-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2016:0049",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2016:0053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html"
},
{
"name": "SUSE-SU-2016:0269",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html"
},
{
"name": "RHSA-2016:0067",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html"
},
{
"name": "openSUSE-SU-2016:0263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html"
},
{
"name": "SUSE-SU-2016:0256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "RHSA-2016:0057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html"
},
{
"name": "RHSA-2016:0055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"name": "RHSA-2016:0054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html"
},
{
"name": "RHSA-2016:0056",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html"
},
{
"name": "openSUSE-SU-2016:0268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html"
},
{
"name": "RHSA-2016:0050",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
},
{
"name": "DSA-3458",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3458"
},
{
"name": "SUSE-SU-2016:0265",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-032",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-032"
},
{
"name": "openSUSE-SU-2016:0272",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html"
},
{
"name": "1034715",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034715"
},
{
"name": "openSUSE-SU-2016:0279",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html"
},
{
"name": "GLSA-201610-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-08"
},
{
"name": "USN-2884-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2884-1"
},
{
"name": "DSA-3465",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3465"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name": "USN-2885-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2885-1"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "RHSA-2016:1430",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "RHSA-2016:0049",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
},
{
"name": "openSUSE-SU-2016:0270",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2016:0053",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html"
},
{
"name": "SUSE-SU-2016:0269",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html"
},
{
"name": "RHSA-2016:0067",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html"
},
{
"name": "openSUSE-SU-2016:0263",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html"
},
{
"name": "SUSE-SU-2016:0256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "RHSA-2016:0057",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html"
},
{
"name": "RHSA-2016:0055",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
},
{
"name": "RHSA-2016:0054",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html"
},
{
"name": "RHSA-2016:0056",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html"
},
{
"name": "openSUSE-SU-2016:0268",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html"
},
{
"name": "RHSA-2016:0050",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
},
{
"name": "DSA-3458",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3458"
},
{
"name": "SUSE-SU-2016:0265",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-0483",
"datePublished": "2016-01-21T02:00:00",
"dateReserved": "2015-12-09T00:00:00",
"dateUpdated": "2024-08-05T22:22:54.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2637 (GCVE-0-2018-2637)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161 Version: 8u152 Version: 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "102576",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102576"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2637",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:19:43.731165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:38:48.856Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161"
},
{
"status": "affected",
"version": "8u152"
},
{
"status": "affected",
"version": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "102576",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102576"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161"
},
{
"version_affected": "=",
"version_value": "8u152"
},
{
"version_affected": "=",
"version_value": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:0351",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "102576",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102576"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2637",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:38:48.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0488 (GCVE-0-2015-0488)
Vulnerability from cvelistv5
Published
2015-04-16 16:00
Modified
2024-08-06 04:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:10:10.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:0857",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"
},
{
"name": "DSA-3235",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3235"
},
{
"name": "RHSA-2015:1007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "RHSA-2015:0806",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html"
},
{
"name": "RHSA-2015:1006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2015-0158.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"name": "SUSE-SU-2015:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"
},
{
"name": "MDVSA-2015:212",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212"
},
{
"name": "RHSA-2015:1091",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "1032120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032120"
},
{
"name": "74111",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74111"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "openSUSE-SU-2015:0773",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"
},
{
"name": "SUSE-SU-2015:1138",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "DSA-3234",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3234"
},
{
"name": "USN-2573-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2573-1"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "RHSA-2015:0807",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html"
},
{
"name": "SUSE-SU-2015:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "SUSE-SU-2015:1085",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:0858",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html"
},
{
"name": "RHSA-2015:1021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "RHSA-2015:0808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html"
},
{
"name": "USN-2574-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2574-1"
},
{
"name": "RHSA-2015:0809",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html"
},
{
"name": "openSUSE-SU-2015:0774",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"
},
{
"name": "SUSE-SU-2015:1161",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"name": "RHSA-2015:0854",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2015:0857",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"
},
{
"name": "DSA-3235",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3235"
},
{
"name": "RHSA-2015:1007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "RHSA-2015:0806",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html"
},
{
"name": "RHSA-2015:1006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2015-0158.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"name": "SUSE-SU-2015:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"
},
{
"name": "MDVSA-2015:212",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212"
},
{
"name": "RHSA-2015:1091",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "1032120",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032120"
},
{
"name": "74111",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74111"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "openSUSE-SU-2015:0773",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"
},
{
"name": "SUSE-SU-2015:1138",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "DSA-3234",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3234"
},
{
"name": "USN-2573-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2573-1"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "RHSA-2015:0807",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html"
},
{
"name": "SUSE-SU-2015:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "SUSE-SU-2015:1085",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:0858",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html"
},
{
"name": "RHSA-2015:1021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "RHSA-2015:0808",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html"
},
{
"name": "USN-2574-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2574-1"
},
{
"name": "RHSA-2015:0809",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html"
},
{
"name": "openSUSE-SU-2015:0774",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"
},
{
"name": "SUSE-SU-2015:1161",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"name": "RHSA-2015:0854",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-0488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:0857",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"
},
{
"name": "DSA-3235",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3235"
},
{
"name": "RHSA-2015:1007",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "SUSE-SU-2015:2182",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "RHSA-2015:0806",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html"
},
{
"name": "RHSA-2015:1006",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "SUSE-SU-2015:2192",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0158.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0158.html"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
},
{
"name": "SUSE-SU-2015:0833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"
},
{
"name": "MDVSA-2015:212",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212"
},
{
"name": "RHSA-2015:1091",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960194"
},
{
"name": "DSA-3316",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "SUSE-SU-2015:2166",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "1032120",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032120"
},
{
"name": "74111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74111"
},
{
"name": "GLSA-201603-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "openSUSE-SU-2015:0773",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"
},
{
"name": "SUSE-SU-2015:1138",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "DSA-3234",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3234"
},
{
"name": "USN-2573-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2573-1"
},
{
"name": "SUSE-SU-2015:2216",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1020",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "RHSA-2015:0807",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html"
},
{
"name": "SUSE-SU-2015:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "SUSE-SU-2015:2168",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "SUSE-SU-2015:1085",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:0858",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html"
},
{
"name": "RHSA-2015:1021",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "RHSA-2015:0808",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html"
},
{
"name": "USN-2574-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2574-1"
},
{
"name": "RHSA-2015:0809",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html"
},
{
"name": "openSUSE-SU-2015:0774",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"
},
{
"name": "SUSE-SU-2015:1161",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"name": "RHSA-2015:0854",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-0488",
"datePublished": "2015-04-16T16:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T04:10:10.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-3149 (GCVE-0-2018-3149)
Vulnerability from cvelistv5
Published
2018-10-17 01:00
Modified
2024-10-02 19:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u201, 7u191, 8u181, 11 Version: Java SE Embedded: 8u181 Version: JRockit: R28.3.19 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:43:34.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3779",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"name": "RHSA-2018:3534",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"name": "RHSA-2018:3003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "USN-3804-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3671",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"name": "RHSA-2018:3852",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "USN-3824-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3824-1/"
},
{
"name": "RHSA-2018:2943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name": "RHSA-2018:3008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "RHSA-2018:3409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"name": "RHSA-2018:3001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"name": "RHSA-2018:3000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"name": "1041889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3672",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"name": "105608",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105608"
},
{
"name": "RHSA-2018:3521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"name": "GLSA-201908-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-3149",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:16:15.843501Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:42:57.828Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u201, 7u191, 8u181, 11"
},
{
"status": "affected",
"version": "Java SE Embedded: 8u181"
},
{
"status": "affected",
"version": "JRockit: R28.3.19"
}
]
}
],
"datePublic": "2018-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T23:06:10",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3779",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"name": "RHSA-2018:3534",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"name": "RHSA-2018:3003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "USN-3804-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3671",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"name": "RHSA-2018:3852",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "USN-3824-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3824-1/"
},
{
"name": "RHSA-2018:2943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name": "RHSA-2018:3008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "RHSA-2018:3409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"name": "RHSA-2018:3001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"name": "RHSA-2018:3000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"name": "1041889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3672",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"name": "105608",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105608"
},
{
"name": "RHSA-2018:3521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"name": "GLSA-201908-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-3149",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u201, 7u191, 8u181, 11"
},
{
"version_affected": "=",
"version_value": "Java SE Embedded: 8u181"
},
{
"version_affected": "=",
"version_value": "JRockit: R28.3.19"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181018-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3779",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"name": "RHSA-2018:3534",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3350",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"name": "RHSA-2018:3003",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "USN-3804-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3671",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"name": "RHSA-2018:3852",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "USN-3824-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3824-1/"
},
{
"name": "RHSA-2018:2943",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name": "RHSA-2018:3008",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "RHSA-2018:3409",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"name": "RHSA-2018:3001",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"name": "RHSA-2018:3000",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"name": "1041889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3672",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"name": "105608",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105608"
},
{
"name": "RHSA-2018:3521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"name": "GLSA-201908-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-3149",
"datePublished": "2018-10-17T01:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-02T19:42:57.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-3214 (GCVE-0-2018-3214)
Vulnerability from cvelistv5
Published
2018-10-17 01:00
Modified
2024-10-02 19:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u201, 7u191, 8u181 Version: Java SE Embedded: 8u181 Version: JRockit: R28.3.19 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:43:35.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3779",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"name": "RHSA-2018:3534",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"name": "105615",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105615"
},
{
"name": "RHSA-2018:3003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "USN-3804-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3671",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"name": "RHSA-2018:3852",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "RHSA-2018:2943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name": "RHSA-2018:3008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "RHSA-2018:3409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"name": "RHSA-2018:3001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"name": "RHSA-2018:3000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"name": "1041889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3672",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"name": "GLSA-201908-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-3214",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:17:37.526522Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:35:29.657Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u201, 7u191, 8u181"
},
{
"status": "affected",
"version": "Java SE Embedded: 8u181"
},
{
"status": "affected",
"version": "JRockit: R28.3.19"
}
]
}
],
"datePublic": "2018-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T23:06:10",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3779",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"name": "RHSA-2018:3534",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"name": "105615",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105615"
},
{
"name": "RHSA-2018:3003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "USN-3804-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3671",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"name": "RHSA-2018:3852",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "RHSA-2018:2943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name": "RHSA-2018:3008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "RHSA-2018:3409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"name": "RHSA-2018:3001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"name": "RHSA-2018:3000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"name": "1041889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3672",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"name": "GLSA-201908-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-3214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u201, 7u191, 8u181"
},
{
"version_affected": "=",
"version_value": "Java SE Embedded: 8u181"
},
{
"version_affected": "=",
"version_value": "JRockit: R28.3.19"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181018-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3779",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"name": "RHSA-2018:3534",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3350",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"name": "105615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105615"
},
{
"name": "RHSA-2018:3003",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "USN-3804-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3671",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"name": "RHSA-2018:3852",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "RHSA-2018:2943",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name": "RHSA-2018:3008",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "RHSA-2018:3409",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"name": "RHSA-2018:3001",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"name": "RHSA-2018:3000",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"name": "1041889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3672",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"name": "GLSA-201908-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-3214",
"datePublished": "2018-10-17T01:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-02T19:35:29.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3252 (GCVE-0-2017-3252)
Vulnerability from cvelistv5
Published
2017-01-27 22:01
Modified
2024-10-09 19:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.8 (Integrity impacts).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Java JavaSE:6u131;7u121;8u112;JavaSEEmbedded:8u111;JRockit:R28.3.12 |
Version: Java JavaSE:6u131;7u121;8u112;JavaSEEmbedded:8u111;JRockit:R28.3.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:23:32.862Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "95509",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95509"
},
{
"name": "RHSA-2017:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3252",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T19:30:16.034312Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T19:44:36.531Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java JavaSE:6u131;7u121;8u112;JavaSEEmbedded:8u111;JRockit:R28.3.12",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Java JavaSE:6u131;7u121;8u112;JavaSEEmbedded:8u111;JRockit:R28.3.12"
}
]
}
],
"datePublic": "2017-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.8 (Integrity impacts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "95509",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95509"
},
{
"name": "RHSA-2017:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java JavaSE:6u131;7u121;8u112;JavaSEEmbedded:8u111;JRockit:R28.3.12",
"version": {
"version_data": [
{
"version_value": "Java JavaSE:6u131;7u121;8u112;JavaSEEmbedded:8u111;JRockit:R28.3.12"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.8 (Integrity impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0338",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "95509",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95509"
},
{
"name": "RHSA-2017:0177",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3252",
"datePublished": "2017-01-27T22:01:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-10-09T19:44:36.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0456 (GCVE-0-2014-0456)
Vulnerability from cvelistv5
Published
2014-04-16 01:00
Modified
2024-08-06 09:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:13:10.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "66877",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66877"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "USN-2187-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"name": "HPSBUX03091",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "RHSA-2014:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "SSRT101667",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "DSA-2912",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "66877",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66877"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-0456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2187-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2187-1"
},
{
"name": "RHSA-2014:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "USN-2191-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2191-1"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10698"
},
{
"name": "HPSBUX03091",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "RHSA-2014:0413",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0413"
},
{
"name": "SSRT101667",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
},
{
"name": "HPSBUX03092",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "RHSA-2014:0685",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
},
{
"name": "DSA-2912",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2912"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "58415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58415"
},
{
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "66877",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66877"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-0456",
"datePublished": "2014-04-16T01:00:00",
"dateReserved": "2013-12-12T00:00:00",
"dateUpdated": "2024-08-06T09:13:10.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4911 (GCVE-0-2015-4911)
Vulnerability from cvelistv5
Published
2015-10-21 23:00
Modified
2024-08-06 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:25:22.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "openSUSE-SU-2015:1906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:1928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1033884",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "openSUSE-SU-2015:1971",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "RHSA-2015:1921",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"name": "77209",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77209"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-22T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2015:2182",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "openSUSE-SU-2015:1906",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:1928",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1033884",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "openSUSE-SU-2015:1971",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "RHSA-2015:1921",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"name": "77209",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77209"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "SUSE-SU-2016:0113",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2015:2182",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
},
{
"name": "USN-2784-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2784-1"
},
{
"name": "openSUSE-SU-2015:1905",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
},
{
"name": "SUSE-SU-2015:2192",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name": "openSUSE-SU-2015:1906",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
},
{
"name": "RHSA-2015:1928",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1033884",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033884"
},
{
"name": "SUSE-SU-2015:2166",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "openSUSE-SU-2016:0270",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
},
{
"name": "RHSA-2015:1919",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
},
{
"name": "GLSA-201603-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "openSUSE-SU-2015:1902",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
},
{
"name": "RHSA-2015:1920",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "SUSE-SU-2015:2216",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
},
{
"name": "RHSA-2015:1927",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
},
{
"name": "openSUSE-SU-2015:1971",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
},
{
"name": "SUSE-SU-2015:2268",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
},
{
"name": "SUSE-SU-2015:2168",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "RHSA-2015:1921",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
},
{
"name": "SUSE-SU-2015:1874",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
},
{
"name": "DSA-3381",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3381"
},
{
"name": "RHSA-2015:1926",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "SUSE-SU-2015:1875",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"name": "77209",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77209"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10141"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-4911",
"datePublished": "2015-10-21T23:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:25:22.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5907 (GCVE-0-2013-5907)
Vulnerability from cvelistv5
Published
2014-01-15 01:33
Modified
2024-08-06 17:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56432"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "RHSA-2014:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"name": "openSUSE-SU-2014:0174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name": "SSRT101455",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915"
},
{
"name": "RHSA-2014:0135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name": "56535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56535"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "101995",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/101995"
},
{
"name": "RHSA-2014:0030",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name": "64894",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64894"
},
{
"name": "RHSA-2014:0097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"name": "56485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56485"
},
{
"name": "SSRT101454",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d29c19f1de1"
},
{
"name": "HPSBUX02972",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "RHSA-2014:0027",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"name": "56486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56486"
},
{
"name": "SUSE-SU-2014:0451",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name": "HPSBUX02973",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "1029608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029608"
},
{
"name": "USN-2124-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"name": "56487",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56487"
},
{
"name": "SUSE-SU-2014:0266",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"name": "RHSA-2014:0026",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "SUSE-SU-2014:0246",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "RHSA-2014:0134",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"name": "openSUSE-SU-2014:0180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name": "openSUSE-SU-2014:0177",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "56432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56432"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "RHSA-2014:0136",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"name": "openSUSE-SU-2014:0174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name": "SSRT101455",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915"
},
{
"name": "RHSA-2014:0135",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name": "56535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56535"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "101995",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/101995"
},
{
"name": "RHSA-2014:0030",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name": "64894",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64894"
},
{
"name": "RHSA-2014:0097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"name": "56485",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56485"
},
{
"name": "SSRT101454",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d29c19f1de1"
},
{
"name": "HPSBUX02972",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "RHSA-2014:0027",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"name": "56486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56486"
},
{
"name": "SUSE-SU-2014:0451",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name": "HPSBUX02973",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "1029608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029608"
},
{
"name": "USN-2124-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"name": "56487",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56487"
},
{
"name": "SUSE-SU-2014:0266",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"name": "RHSA-2014:0026",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "SUSE-SU-2014:0246",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "RHSA-2014:0134",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"name": "openSUSE-SU-2014:0180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name": "openSUSE-SU-2014:0177",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-5907",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56432"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "RHSA-2014:0136",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0136.html"
},
{
"name": "openSUSE-SU-2014:0174",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html"
},
{
"name": "SSRT101455",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915"
},
{
"name": "RHSA-2014:0135",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
},
{
"name": "56535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56535"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "101995",
"refsource": "OSVDB",
"url": "http://osvdb.org/101995"
},
{
"name": "RHSA-2014:0030",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
},
{
"name": "64894",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64894"
},
{
"name": "RHSA-2014:0097",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0097.html"
},
{
"name": "56485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56485"
},
{
"name": "SSRT101454",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
},
{
"name": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d29c19f1de1",
"refsource": "MISC",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d29c19f1de1"
},
{
"name": "HPSBUX02972",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2"
},
{
"name": "RHSA-2014:0027",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html"
},
{
"name": "56486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56486"
},
{
"name": "SUSE-SU-2014:0451",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
},
{
"name": "HPSBUX02973",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=139402749111889\u0026w=2"
},
{
"name": "1029608",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029608"
},
{
"name": "USN-2124-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2124-1"
},
{
"name": "56487",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56487"
},
{
"name": "SUSE-SU-2014:0266",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
},
{
"name": "RHSA-2014:0026",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "SUSE-SU-2014:0246",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "RHSA-2014:0134",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
},
{
"name": "openSUSE-SU-2014:0180",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html"
},
{
"name": "openSUSE-SU-2014:0177",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-5907",
"datePublished": "2014-01-15T01:33:00",
"dateReserved": "2013-09-18T00:00:00",
"dateUpdated": "2024-08-06T17:29:42.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6558 (GCVE-0-2014-6558)
Vulnerability from cvelistv5
Published
2014-10-15 22:03
Modified
2024-08-06 12:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:17:24.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "RHSA-2014:1877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "61609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61609"
},
{
"name": "61928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61163"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "USN-2386-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "RHSA-2014:1881",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "61629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61629"
},
{
"name": "SUSE-SU-2014:1549",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "61018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61018"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61346"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"name": "RHSA-2014:1634",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "70544",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70544"
},
{
"name": "DSA-3080",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SUSE-SU-2014:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "60416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1882",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2014:1633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61164"
},
{
"name": "SSRT101770",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "61020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61143"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "60417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "60414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "RHSA-2014:1877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "61609",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61609"
},
{
"name": "61928",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61163"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "USN-2386-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "RHSA-2014:1881",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "61629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61629"
},
{
"name": "SUSE-SU-2014:1549",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "61018",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61018"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61346"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"name": "RHSA-2014:1634",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "70544",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70544"
},
{
"name": "DSA-3080",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SUSE-SU-2014:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "60416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1882",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2014:1633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61164"
},
{
"name": "SSRT101770",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "61020",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61143"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "60417",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6558",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60414",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60414"
},
{
"name": "RHSA-2014:1880",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1657",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"name": "RHSA-2014:1877",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "61609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61609"
},
{
"name": "61928",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61928"
},
{
"name": "61163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61163"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "USN-2386-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1633.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"name": "USN-2388-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"name": "HPSBUX03218",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "RHSA-2014:1881",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "61629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61629"
},
{
"name": "SUSE-SU-2014:1549",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "61018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61018"
},
{
"name": "SUSE-SU-2015:0376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1634.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"name": "61346",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61346"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10092"
},
{
"name": "RHSA-2014:1634",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"name": "USN-2388-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"name": "SUSE-SU-2014:1422",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"name": "70544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70544"
},
{
"name": "DSA-3080",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"name": "SUSE-SU-2015:0392",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SUSE-SU-2014:1526",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "60416",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60416"
},
{
"name": "RHSA-2014:1882",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "RHSA-2014:1633",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"name": "RHSA-2014:1636",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "RHSA-2014:1658",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"name": "61164",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61164"
},
{
"name": "SSRT101770",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"name": "DSA-3077",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1636",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "61020",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61020"
},
{
"name": "61143",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61143"
},
{
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"name": "60417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60417"
},
{
"name": "61631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61631"
},
{
"name": "RHSA-2014:1620",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2014-6558",
"datePublished": "2014-10-15T22:03:00",
"dateReserved": "2014-09-17T00:00:00",
"dateUpdated": "2024-08-06T12:17:24.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3533 (GCVE-0-2017-3533)
Vulnerability from cvelistv5
Published
2017-04-24 19:00
Modified
2024-10-07 16:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u141 Version: 7u131 Version: 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:30:58.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "GLSA-201705-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "RHSA-2017:1220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "97740",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97740"
},
{
"name": "RHSA-2017:1117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "RHSA-2017:1109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"name": "1038286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "RHSA-2017:1118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:1222",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:1119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3533",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T15:45:02.988993Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T16:13:05.805Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u141"
},
{
"status": "affected",
"version": "7u131"
},
{
"status": "affected",
"version": "8u121; Java SE Embedded: 8u121; JRockit: R28.3.13"
}
]
}
],
"datePublic": "2017-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1221",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "GLSA-201705-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "RHSA-2017:1220",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "97740",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97740"
},
{
"name": "RHSA-2017:1117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "RHSA-2017:1109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"name": "1038286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "RHSA-2017:1118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:1222",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "RHSA-2017:3453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:1119",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3533",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u141"
},
{
"version_affected": "=",
"version_value": "7u131"
},
{
"version_affected": "=",
"version_value": "8u121; Java SE Embedded: 8u121; JRockit: R28.3.13"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1221",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1221"
},
{
"name": "GLSA-201705-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201705-03"
},
{
"name": "RHSA-2017:1220",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1220"
},
{
"name": "97740",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97740"
},
{
"name": "RHSA-2017:1117",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1117"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "RHSA-2017:1109",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1109"
},
{
"name": "1038286",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038286"
},
{
"name": "DSA-3858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3858"
},
{
"name": "RHSA-2017:1108",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1108"
},
{
"name": "RHSA-2017:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1204"
},
{
"name": "RHSA-2017:1118",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1118"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:1222",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1222"
},
{
"name": "RHSA-2017:3453",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3453"
},
{
"name": "RHSA-2017:1119",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1119"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3533",
"datePublished": "2017-04-24T19:00:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-10-07T16:13:05.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3553 (GCVE-0-2011-3553)
Vulnerability from cvelistv5
Published
2011-10-19 21:00
Modified
2024-08-06 23:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:48.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "50246",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50246"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "HPSBUX02730",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT100710",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "oval:org.mitre.oval:def:14311",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14311"
},
{
"name": "oracle-jre-jaxws-info-disc(70840)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70840"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "1026215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "76512",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/76512"
},
{
"name": "HPSBMU02797",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "50246",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50246"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "HPSBUX02730",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT100710",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "oval:org.mitre.oval:def:14311",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14311"
},
{
"name": "oracle-jre-jaxws-info-disc(70840)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70840"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "1026215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "76512",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/76512"
},
{
"name": "HPSBMU02797",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2011-3553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "HPSBMU02799",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "50246",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50246"
},
{
"name": "48308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48308"
},
{
"name": "HPSBUX02730",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0114",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT100710",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1384",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "oval:org.mitre.oval:def:14311",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14311"
},
{
"name": "oracle-jre-jaxws-info-disc(70840)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70840"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "1026215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "USN-1263-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "76512",
"refsource": "OSVDB",
"url": "http://osvdb.org/76512"
},
{
"name": "HPSBMU02797",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2011-3553",
"datePublished": "2011-10-19T21:00:00",
"dateReserved": "2011-09-16T00:00:00",
"dateUpdated": "2024-08-06T23:37:48.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5552 (GCVE-0-2016-5552)
Vulnerability from cvelistv5
Published
2017-01-27 22:01
Modified
2024-10-09 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:07:58.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "1037798",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037798"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "95512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95512"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-02-01.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-5552",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T19:25:39.260004Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T20:03:36.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java SE",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "6u131"
},
{
"status": "affected",
"version": "7u121"
},
{
"status": "affected",
"version": "8u112"
}
]
},
{
"product": "Java SE Embedded",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "8u111"
}
]
},
{
"product": "JRockit",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "R28.3.12"
}
]
}
],
"datePublic": "2017-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "1037798",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037798"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "95512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95512"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-02-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5552",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java SE",
"version": {
"version_data": [
{
"version_value": "6u131"
},
{
"version_value": "7u121"
},
{
"version_value": "8u112"
}
]
}
},
{
"product_name": "Java SE Embedded",
"version": {
"version_data": [
{
"version_value": "8u111"
}
]
}
},
{
"product_name": "JRockit",
"version": {
"version_data": [
{
"version_value": "R28.3.12"
}
]
}
}
]
},
"vendor_name": "Oracle"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0338",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "1037798",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037798"
},
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "RHSA-2017:0180",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "95512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95512"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
},
{
"name": "https://source.android.com/security/bulletin/2017-02-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-02-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2016-5552",
"datePublished": "2017-01-27T22:01:00",
"dateReserved": "2016-06-16T00:00:00",
"dateUpdated": "2024-10-09T20:03:36.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10135 (GCVE-0-2017-10135)
Vulnerability from cvelistv5
Published
2017-08-08 15:00
Modified
2024-10-04 19:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u151 Version: 7u141 Version: 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:33:16.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "99839",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99839"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-10135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T15:51:46.063191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T19:00:17.520Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u151"
},
{
"status": "affected",
"version": "7u141"
},
{
"status": "affected",
"version": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
],
"datePublic": "2017-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "99839",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99839"
},
{
"name": "RHSA-2017:1792",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-10135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u151"
},
{
"version_affected": "=",
"version_value": "7u141"
},
{
"version_affected": "=",
"version_value": "8u131; Java SE Embedded: 8u131; JRockit: R28.3.14"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1791"
},
{
"name": "RHSA-2017:1790",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1790"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170720-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170720-0001/"
},
{
"name": "RHSA-2017:1789",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1789"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-002",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-002"
},
{
"name": "RHSA-2017:2424",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2424"
},
{
"name": "1038931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038931"
},
{
"name": "99839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99839"
},
{
"name": "RHSA-2017:1792",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1792"
},
{
"name": "GLSA-201709-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-22"
},
{
"name": "DSA-3919",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3919"
},
{
"name": "DSA-3954",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3954"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-10135",
"datePublished": "2017-08-08T15:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-10-04T19:00:17.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2618 (GCVE-0-2018-2618)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161 Version: 8u152 Version: 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "102612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102612"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2618",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:23:12.897643Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:40:43.309Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161"
},
{
"status": "affected",
"version": "8u152"
},
{
"status": "affected",
"version": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "102612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102612"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161"
},
{
"version_affected": "=",
"version_value": "8u152"
},
{
"version_affected": "=",
"version_value": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:0351",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "USN-3614-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "102612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102612"
},
{
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2618",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:40:43.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4748 (GCVE-0-2015-4748)
Vulnerability from cvelistv5
Published
2015-07-16 10:00
Modified
2024-08-06 06:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:25:21.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:1243",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "RHSA-2015:1229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "RHSA-2015:1486",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "DSA-3339",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "1037732",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037732"
},
{
"name": "RHSA-2015:1488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "75854",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75854"
},
{
"name": "RHSA-2015:1604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2015:1243",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "RHSA-2015:1229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1544",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "GLSA-201603-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "RHSA-2015:1486",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "DSA-3339",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "1037732",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037732"
},
{
"name": "RHSA-2015:1488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "75854",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75854"
},
{
"name": "RHSA-2015:1604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4748",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:1243",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "RHSA-2015:1229",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name": "1032910",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name": "USN-2706-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name": "RHSA-2015:1526",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name": "RHSA-2015:1485",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name": "RHSA-2015:1544",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1544.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10139"
},
{
"name": "openSUSE-SU-2015:1289",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name": "RHSA-2015:1228",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name": "DSA-3316",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name": "GLSA-201603-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name": "RHSA-2015:1486",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name": "USN-2696-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name": "DSA-3339",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name": "RHSA-2015:1242",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
},
{
"name": "1037732",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037732"
},
{
"name": "RHSA-2015:1488",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name": "SUSE-SU-2015:1319",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name": "75854",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75854"
},
{
"name": "RHSA-2015:1604",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2015-4748",
"datePublished": "2015-07-16T10:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:25:21.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-2599 (GCVE-0-2018-2599)
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u171 Version: 7u161 Version: 8u152 Version: 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "102633",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102633"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:22:37.884160Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:42:59.538Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161"
},
{
"status": "affected",
"version": "8u152"
},
{
"status": "affected",
"version": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2018:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "102633",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102633"
},
{
"name": "USN-3614-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2599",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161"
},
{
"version_affected": "=",
"version_value": "8u152"
},
{
"version_affected": "=",
"version_value": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:0351",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0351"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "102633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102633"
},
{
"name": "USN-3614-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3614-1/"
},
{
"name": "DSA-4166",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4166"
},
{
"name": "RHSA-2018:0095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0095"
},
{
"name": "DSA-4144",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4144"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0352",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0352"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0349"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "USN-3613-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3613-1/"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2599",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:42:59.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3545 (GCVE-0-2011-3545)
Vulnerability from cvelistv5
Published
2011-10-19 21:00
Modified
2024-08-06 23:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:48.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48692",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48692"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SSRT100805",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "oval:org.mitre.oval:def:14180",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14180"
},
{
"name": "HPSBUX02730",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT100710",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
},
{
"name": "RHSA-2011:1384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "49198",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49198"
},
{
"name": "RHSA-2012:0006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"name": "SUSE-SU-2012:0122",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"name": "HPSBUX02777",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "HPSBUX02760",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "SSRT100854",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "1026215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "oracle-jre-sound-unspecified(70848)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70848"
},
{
"name": "50220",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50220"
},
{
"name": "HPSBMU02797",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "48692",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48692"
},
{
"name": "HPSBMU02799",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SSRT100805",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "48308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48308"
},
{
"name": "oval:org.mitre.oval:def:14180",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14180"
},
{
"name": "HPSBUX02730",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0114",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT100710",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
},
{
"name": "RHSA-2011:1384",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "49198",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49198"
},
{
"name": "RHSA-2012:0006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"name": "SUSE-SU-2012:0122",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"name": "HPSBUX02777",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "HPSBUX02760",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "SSRT100854",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "1026215",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "oracle-jre-sound-unspecified(70848)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70848"
},
{
"name": "50220",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50220"
},
{
"name": "HPSBMU02797",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2011-3545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "48692",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48692"
},
{
"name": "HPSBMU02799",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
},
{
"name": "SSRT100805",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "48308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48308"
},
{
"name": "oval:org.mitre.oval:def:14180",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14180"
},
{
"name": "HPSBUX02730",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "SUSE-SU-2012:0114",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT100710",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
},
{
"name": "RHSA-2011:1478",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
},
{
"name": "RHSA-2011:1384",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
},
{
"name": "SSRT100867",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "49198",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49198"
},
{
"name": "RHSA-2012:0006",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
},
{
"name": "SUSE-SU-2012:0122",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
},
{
"name": "HPSBUX02777",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "HPSBUX02760",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
},
{
"name": "SSRT100854",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2"
},
{
"name": "1026215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026215"
},
{
"name": "oracle-jre-sound-unspecified(70848)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70848"
},
{
"name": "50220",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50220"
},
{
"name": "HPSBMU02797",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2011-3545",
"datePublished": "2011-10-19T21:00:00",
"dateReserved": "2011-09-16T00:00:00",
"dateUpdated": "2024-08-06T23:37:48.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3241 (GCVE-0-2017-3241)
Vulnerability from cvelistv5
Published
2017-01-27 22:01
Modified
2024-10-09 19:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-17-006-oracle-openjdk-java-serialization-dos-vulnerability/"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"name": "41145",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41145/"
},
{
"name": "95488",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95488"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T19:27:16.086564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T19:51:08.388Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java SE",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "6u131"
},
{
"status": "affected",
"version": "7u121"
},
{
"status": "affected",
"version": "8u112"
}
]
},
{
"product": "Java SE Embedded",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "8u111"
}
]
},
{
"product": "JRockit",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "R28.3.12"
}
]
}
],
"datePublic": "2017-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "RHSA-2017:0338",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-17-006-oracle-openjdk-java-serialization-dos-vulnerability/"
},
{
"name": "RHSA-2017:0180",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"name": "41145",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41145/"
},
{
"name": "95488",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95488"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java SE",
"version": {
"version_data": [
{
"version_value": "6u131"
},
{
"version_value": "7u121"
},
{
"version_value": "8u112"
}
]
}
},
{
"product_name": "Java SE Embedded",
"version": {
"version_data": [
{
"version_value": "8u111"
}
]
}
},
{
"product_name": "JRockit",
"version": {
"version_data": [
{
"version_value": "R28.3.12"
}
]
}
}
]
},
"vendor_name": "Oracle"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0338",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
},
{
"name": "DSA-3782",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3782"
},
{
"name": "RHSA-2017:0176",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
},
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "https://erpscan.io/advisories/erpscan-17-006-oracle-openjdk-java-serialization-dos-vulnerability/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-17-006-oracle-openjdk-java-serialization-dos-vulnerability/"
},
{
"name": "RHSA-2017:0180",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "GLSA-201707-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201707-01"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "RHSA-2017:0177",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
},
{
"name": "RHSA-2017:0263",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
},
{
"name": "RHSA-2017:1216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0269",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"name": "41145",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41145/"
},
{
"name": "95488",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95488"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3241",
"datePublished": "2017-01-27T22:01:00",
"dateReserved": "2016-12-06T00:00:00",
"dateUpdated": "2024-10-09T19:51:08.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-3180 (GCVE-0-2018-3180)
Vulnerability from cvelistv5
Published
2018-10-17 01:00
Modified
2024-10-02 19:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.
Summary
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Java |
Version: Java SE: 6u201, 7u191, 8u181 Version: Java SE Embedded: 8u181 Version: JRockit: R28.3.19 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:43:34.825Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3779",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"name": "RHSA-2018:3534",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"name": "RHSA-2018:3003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "USN-3804-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3671",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"name": "RHSA-2018:3852",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "USN-3824-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3824-1/"
},
{
"name": "RHSA-2018:2943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name": "RHSA-2018:3008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "RHSA-2018:3409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"name": "RHSA-2018:3001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"name": "RHSA-2018:3000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"name": "1041889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3672",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"name": "RHSA-2018:3521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"name": "105617",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105617"
},
{
"name": "GLSA-201908-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-3180",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:07:28.112556Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:39:19.954Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u201, 7u191, 8u181"
},
{
"status": "affected",
"version": "Java SE Embedded: 8u181"
},
{
"status": "affected",
"version": "JRockit: R28.3.19"
}
]
}
],
"datePublic": "2018-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-21T23:06:10",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3779",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"name": "RHSA-2018:3534",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"name": "RHSA-2018:3003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "USN-3804-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3671",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"name": "RHSA-2018:3852",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "USN-3824-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3824-1/"
},
{
"name": "RHSA-2018:2943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name": "RHSA-2018:3008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "RHSA-2018:3409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"name": "RHSA-2018:3001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"name": "RHSA-2018:3000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"name": "1041889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3672",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"name": "RHSA-2018:3521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"name": "105617",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105617"
},
{
"name": "GLSA-201908-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-3180",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u201, 7u191, 8u181"
},
{
"version_affected": "=",
"version_value": "Java SE Embedded: 8u181"
},
{
"version_affected": "=",
"version_value": "JRockit: R28.3.19"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20181122 [SECURITY] [DLA 1590-1] openjdk-7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html"
},
{
"name": "RHSA-2018:3007",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3007"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181018-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
},
{
"name": "RHSA-2018:2942",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2942"
},
{
"name": "RHSA-2018:3779",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3779"
},
{
"name": "RHSA-2018:3534",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3534"
},
{
"name": "RHSA-2018:3350",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3350"
},
{
"name": "RHSA-2018:3003",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3003"
},
{
"name": "USN-3804-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3804-1/"
},
{
"name": "RHSA-2018:3002",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3002"
},
{
"name": "RHSA-2018:3671",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3671"
},
{
"name": "RHSA-2018:3852",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3852"
},
{
"name": "DSA-4326",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4326"
},
{
"name": "USN-3824-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3824-1/"
},
{
"name": "RHSA-2018:2943",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2943"
},
{
"name": "RHSA-2018:3008",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3008"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "RHSA-2018:3533",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3533"
},
{
"name": "RHSA-2018:3409",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3409"
},
{
"name": "RHSA-2018:3001",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3001"
},
{
"name": "RHSA-2018:3000",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3000"
},
{
"name": "1041889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3672",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"name": "RHSA-2018:3521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3521"
},
{
"name": "105617",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105617"
},
{
"name": "GLSA-201908-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-10"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03952en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-3180",
"datePublished": "2018-10-17T01:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-02T19:39:19.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}