9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
7.5 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.7%
10/17/2017
High
Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities to cause denial of service and bypass security restrictions.
Java SE 6 versions earlier than 6u161
Java SE 7 versions earlier than 7u151
Java SE 8 versions earlier than 8u151
Java SE Embedded versions earlier than 8u151
Java SE version 9
JRockit R28.3.15
Update to the latest version
Software downloads
Oracle Critical Patch Update Advisory – October 2017
ACE
CVE-2017-102744.0Warning
CVE-2017-102815.0Warning
CVE-2017-102856.8High
CVE-2017-102935.8High
CVE-2017-102954.3Warning
CVE-2017-103096.8High
CVE-2017-103414.3Warning
CVE-2017-103425.0Warning
CVE-2017-103452.6Warning
CVE-2017-103466.8High
CVE-2017-103475.0Warning
CVE-2017-103485.0Warning
CVE-2017-103495.0Warning
CVE-2017-103505.0Warning
CVE-2017-103555.0Warning
CVE-2017-103562.1Warning
CVE-2017-103575.0Warning
CVE-2017-103804.0Warning
CVE-2017-103864.9Warning
CVE-2017-103885.1High
Public exploits exist for this vulnerability.
www.oracle.com/technetwork/indexes/downloads/index.html
www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10293
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10309
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10341
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10342
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10380
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10386
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Oracle-Java-JDK-1.7.x/
threats.kaspersky.com/en/product/Oracle-Java-JDK-1.8.x-3/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.7.x/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.8.x/
threats.kaspersky.com/en/product/Oracle-JRockit/
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
7.5 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.7%