The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 11 Update 1, 8 Update 191, 7 Update 201, or 6 Update 211. It is, therefore, affected by multiple vulnerabilities related to the following components :
An unspecified vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE in the Deployment (libpng) subcomponent could allow an unauthenticated, remote attacker with network access via HTTP to compromise Java SE, Java SE Embedded. (CVE-2018-13785)
An unspecified vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE in the Hotspot subcomponent could allow an unauthenticated, remote attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. (CVE-2018-3169)
An unspecified vulnerability in the Java SE component of Oracle Java SE in the JavaFX subcomponent could allow an unauthenticated, remote attacker with network access via multiple protocols to compromise Java SE.
(CVE-2018-3209)
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE in the JNDI subcomponent could allow an unauthenticated, remote attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit.
(CVE-2018-3149)
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE in the JSSE subcomponent could allow an unauthenticated, remote attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded, JRockit.
(CVE-2018-3180)
An unspecified vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE in the Networking subcomponent could allow an unauthenticated, remote attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded.
(CVE-2018-3139)
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE in the Scripting subcomponent could allow an unauthenticated, remote attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. (CVE-2018-3183)
An unspecified vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE in the Security subcomponent could allow an unauthenticated, remote attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. (CVE-2018-3136)
An unspecified vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE in the Serviceability subcomponent could allow a low privileged attacker with logon to the infrastructure where Java SE, Java SE Embedded executes to compromise Java SE, Java SE Embedded. (CVE-2018-3211)
An unspecified vulnerability in the Java SE component of Oracle Java SE in the Sound subcomponent could allow an unauthenticated, remote attacker with network access via multiple protocols to compromise Java SE.
(CVE-2018-3157)
An unspecified vulnerability in the Java SE component of Oracle Java SE in the Utility subcomponent could allow an unauthenticated, remote attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-3150)
Binary data 700659.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13785
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3136
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3139
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3149
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3150
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3157
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3169
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3180
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3183
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3209
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3211
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3214
www.nessus.org/u?278f2590
www.nessus.org/u?2fbcacca
www.nessus.org/u?705136d8
www.nessus.org/u?adc8ef52
www.nessus.org/u?de812f33