Lucene search

[email protected]CVE-2011-3550

HistoryOct 19, 2011 - 9:55 p.m.

CVE-2011-3550

2011-10-1921:55:01

[email protected]

web.nvd.nist.gov

cve-2011-3550

oracle

java se

jdk

jre

vulnerability

awt

remote

untrusted

java applications

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

5.8 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.2%

JSON

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT.

Affected configurations

NVD

Node

sunjdkMatch1.7.0

sunjreMatch1.7.0

Node

sunjdkRange≤1.6.0update_27

sunjdkMatch1.6.0

sunjdkMatch1.6.0update_10

sunjdkMatch1.6.0update_11

sunjdkMatch1.6.0update_12

sunjdkMatch1.6.0update_13

sunjdkMatch1.6.0update_14

sunjdkMatch1.6.0update_15

sunjdkMatch1.6.0update_16

sunjdkMatch1.6.0update_17

sunjdkMatch1.6.0update_18

sunjdkMatch1.6.0update_19

sunjdkMatch1.6.0update_20

sunjdkMatch1.6.0update_21

sunjdkMatch1.6.0update_22

sunjdkMatch1.6.0update_23

sunjdkMatch1.6.0update_24

sunjdkMatch1.6.0update_25

sunjdkMatch1.6.0update_26

sunjdkMatch1.6.0update_3

sunjdkMatch1.6.0update_4

sunjdkMatch1.6.0update_5

sunjdkMatch1.6.0update_6

sunjdkMatch1.6.0update_7

sunjdkMatch1.6.0update1

sunjdkMatch1.6.0update2

sunjreRange≤1.6.0update_27

sunjreMatch1.6.0

sunjreMatch1.6.0update_1

sunjreMatch1.6.0update_10

sunjreMatch1.6.0update_11

sunjreMatch1.6.0update_12

sunjreMatch1.6.0update_13

sunjreMatch1.6.0update_14

sunjreMatch1.6.0update_15

sunjreMatch1.6.0update_16

sunjreMatch1.6.0update_17

sunjreMatch1.6.0update_18

sunjreMatch1.6.0update_19

sunjreMatch1.6.0update_2

sunjreMatch1.6.0update_20

sunjreMatch1.6.0update_21

sunjreMatch1.6.0update_22

sunjreMatch1.6.0update_23

sunjreMatch1.6.0update_24

sunjreMatch1.6.0update_25

sunjreMatch1.6.0update_26

sunjreMatch1.6.0update_3

sunjreMatch1.6.0update_4

sunjreMatch1.6.0update_5

sunjreMatch1.6.0update_6

sunjreMatch1.6.0update_7

CPENameOperatorVersion
sun:jdksun jdkeq1.7.0
sun:jresun jreeq1.7.0

CPE	Name	Operator	Version
sun:jdk	sun jdk	eq	1.7.0
sun:jre	sun jre	eq	1.7.0

References

lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html

marc.info/?l=bugtraq&m=132750579901589&w=2

marc.info/?l=bugtraq&m=134254866602253&w=2

marc.info/?l=bugtraq&m=134254957702612&w=2

rhn.redhat.com/errata/RHSA-2013-1455.html

secunia.com/advisories/48308

www.ibm.com/developerworks/java/jdk/alerts/

www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html

www.redhat.com/support/errata/RHSA-2011-1384.html

www.securityfocus.com/bid/50226

www.securitytracker.com/id?1026215

exchange.xforce.ibmcloud.com/vulnerabilities/70843

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14162

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

5.8 Medium

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.2%

JSON

Related for CVE-2011-3550

ubuntucve1 cvelist1 prion1 nvd1 veracode1 openvas6 nessus15 suse2 redhat3 securityvulns1 ibm1 seebug1 gentoo1