KLA11234Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit

2018-04-17T00:00:00
ID KLA11234
Type kaspersky
Reporter Kaspersky Lab
Modified 2020-05-22T00:00:00

Description

Detect date:

04/17/2018

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Oracle products. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information, cause denial of service and perform unspecified attacks.

Affected products:

Java SE 6u181 and earlier
Java SE 7u171 and earlier
Java SE 8u171 and earlier
Java SE 10.0.1 and earlier
Java SE Embedded 8u161 and earlier
JRockit R28.3.17 and earlier

Solution:

Update to the latest version
Oracle software downloads

Original advisories:

Oracle Critical Patch Update Advisory – April 2018

Impacts:

ACE

Related products:

Oracle Java JRE 1.7.x

CVE-IDS:

CVE-2018-28113.7Warning
CVE-2018-28145.1High
CVE-2018-28155.0Critical
CVE-2018-27835.8High
CVE-2018-28265.1High
CVE-2018-27902.6Warning
CVE-2018-28255.1High
CVE-2018-27943.7Warning
CVE-2018-27955.0Critical
CVE-2018-27965.0Critical
CVE-2018-27975.0Critical
CVE-2018-27985.0Critical
CVE-2018-27995.0Critical
CVE-2018-28004.0Warning