Lucene search
Tenable700090.PRMHistoryMay 10, 2017 - 12:00 a.m.
Oracle Java SE 6 < Update 151 / 7 < Update 141 / 8 < Update 131 Multiple Vulnerabilities
2017-05-1000:00:00
Tenable
www.tenable.com
23
The version of Oracle Java SE installed on the remote host is prior to 6 Update 151, 7 Update 141, or 8 Update 131, and is therefore affected by multiple vulnerabilities :
- An unspecified flaw exists in the Networking subcomponent that allows an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-3509)
- An unspecified flaw exists in the JCE subcomponent that allows a local attacker to gain elevated privileges. This vulnerability does not affect Java SE version 6. (CVE-2017-3511)
- An unspecified flaw exists in the AWT subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. This vulnerability does not affect Java SE version 6. (CVE-2017-3512)
- An unspecified flaw exists in the AWT subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3514)
- An unspecified flaw exists in the JAXP subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-3526)
- Multiple unspecified flaws exist in the Networking subcomponent that allow an unauthenticated, remote attacker to gain update, insert, or delete access to unauthorized data. (CVE-2017-3533, CVE-2017-3544)
- An unspecified flaw exists in the Security subcomponent that allows an unauthenticated, remote attacker to gain update, insert, or delete access to unauthorized data. (CVE-2017-3539)
Binary data 700090.prmReferences
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3512
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3514
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544
www.oracle.com/ocom/groups/public/@otn/documents/webcontent/3681811.xml
www.oracle.com/technetwork/java/javase/8u131-relnotes-3565278.html
www.oracle.com/technetwork/java/javase/documentation/overview-156328.html
www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.h
www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA
Related
suse
suse
Security update for java-1_8_0-openjdk (important)
2017-05-30 18:15:32
Security update for java-1_8_0-openjdk (important)
2017-06-08 18:10:18
Security update for java-1_7_0-openjdk (important)
2017-05-28 03:13:20
nessus
nessus
GLSA-201705-03 : Oracle JDK/JRE: Multiple vulnerabilities
2017-05-08 00:00:00
openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2017-662)
2017-06-09 00:00:00
gentoo
gentoo
Oracle JDK/JRE: Multiple vulnerabilities
2017-05-07 00:00:00
IcedTea: Multiple vulnerabilities
2017-07-05 00:00:00
openvas
openvas
openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2017:1507-1)
2017-06-09 00:00:00
openSUSE: Security Advisory for java-1_7_0-openjdk (openSUSE-SU-2017:1429-1)
2017-05-28 00:00:00
Oracle Java SE Security Updates (cpuapr2017-3236618) 01 - Windows
2017-04-19 00:00:00
ibm
ibm
kaspersky
kaspersky
KLA11005 Multiple vulnerabilities in Oracle Java SE
2017-04-24 00:00:00
KLA11006 Multiple vulnerabilities in Oracle Java SE
2017-04-24 00:00:00
osv
osv
openjdk-7 - security update
2017-05-19 00:00:00
openjdk-7 - security update
2017-05-26 00:00:00
redhat
redhat
(RHSA-2017:1118) Moderate: java-1.7.0-oracle security update
2017-04-24 06:49:21
(RHSA-2017:1117) Moderate: java-1.8.0-oracle security update
2017-04-24 06:49:02
(RHSA-2017:1119) Moderate: java-1.6.0-sun security update
2017-04-24 06:49:36
debian
debian
[SECURITY] [DLA 954-1] openjdk-7 security update
2017-05-26 16:57:18
[SECURITY] [DSA 3858-1] openjdk-7 security update
2017-05-19 20:54:31
ubuntu
ubuntu
OpenJDK 7 regression
2017-05-18 00:00:00
OpenJDK 8 vulnerabilities
2017-05-11 00:00:00
OpenJDK 7 vulnerabilities
2017-05-15 00:00:00
oraclelinux
oraclelinux
java-1.8.0-openjdk security update
2017-04-20 00:00:00
java-1.7.0-openjdk security update
2017-05-09 00:00:00
java-1.8.0-openjdk security and bug fix update
2017-04-20 00:00:00
centos
centos
java security update
2017-05-09 16:59:58
java security update
2017-04-20 22:44:32
java security update
2017-04-20 23:21:35
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerability
2017-05-01 02:33:52
amazon
amazon
Medium: java-1.7.0-openjdk
2017-06-06 16:33:00
Medium: java-1.8.0-openjdk
2017-05-09 23:21:00
aix
aix
There are multiple vulnerabilities in IBM SDK Java Technology Edition
2017-06-21 15:44:57
prion
prion
Design/Logic Flaw
2017-04-24 19:59:00
Design/Logic Flaw
2017-04-24 19:59:00
Design/Logic Flaw
2017-04-24 19:59:00
ubuntucve
ubuntucve
debiancve
debiancve
cve
cve
redhatcve
redhatcve
veracode
veracode
Denial Of Service (DoS)
2019-05-02 06:10:13
Unauthorized Modification
2019-05-02 06:10:13
Unauthorized Modification
2019-05-02 06:10:13
seebug
seebug
Code Injection through DLL Sideloading in 64bit Oracle Java(CVE-2017-3511)
2017-05-26 00:00:00
packetstorm
packetstorm
Oracle Java 64bit DLL Hijacking
2017-04-21 00:00:00
archlinux
archlinux
[ASA-201708-8] jdk7-openjdk: multiple issues
2017-08-12 00:00:00
Related for 700090.PRM