Oracle Java SE 6 < Update 151 / 7 < Update 141 / 8 < Update 131 Multiple Vulnerabilities

2017-05-10T00:00:00
ID 700090.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00

Description

The version of Oracle Java SE installed on the remote host is prior to 6 Update 151, 7 Update 141, or 8 Update 131, and is therefore affected by multiple vulnerabilities :

  • An unspecified flaw exists in the Networking subcomponent that allows an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-3509)
  • An unspecified flaw exists in the JCE subcomponent that allows a local attacker to gain elevated privileges. This vulnerability does not affect Java SE version 6. (CVE-2017-3511)
  • An unspecified flaw exists in the AWT subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. This vulnerability does not affect Java SE version 6. (CVE-2017-3512)
  • An unspecified flaw exists in the AWT subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3514)
  • An unspecified flaw exists in the JAXP subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-3526)
  • Multiple unspecified flaws exist in the Networking subcomponent that allow an unauthenticated, remote attacker to gain update, insert, or delete access to unauthorized data. (CVE-2017-3533, CVE-2017-3544)
  • An unspecified flaw exists in the Security subcomponent that allows an unauthenticated, remote attacker to gain update, insert, or delete access to unauthorized data. (CVE-2017-3539)

                                        
                                            Binary data 700090.prm