Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-50218
HistoryOct 18, 2011 - 12:00 a.m.

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability

2011-10-1800:00:00
Symantec Security Response
www.symantec.com
87

0.973 High

EPSS

Percentile

99.9%

JSON

Description

Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the ‘Scripting’ sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6 Update 27

Technologies Affected

  • Apple Mac OS X 10.6
  • Apple Mac OS X 10.6.1
  • Apple Mac OS X 10.6.2
  • Apple Mac OS X 10.6.3
  • Apple Mac OS X 10.6.4
  • Apple Mac OS X 10.6.5
  • Apple Mac OS X 10.6.5
  • Apple Mac OS X 10.6.6
  • Apple Mac OS X 10.6.7
  • Apple Mac OS X 10.6.8
  • Apple Mac OS X 10.7
  • Apple Mac OS X 10.7.1
  • Apple Mac OS X 10.7.2
  • Apple Mac OS X Server 10.6
  • Apple Mac OS X Server 10.6.1
  • Apple Mac OS X Server 10.6.2
  • Apple Mac OS X Server 10.6.3
  • Apple Mac OS X Server 10.6.4
  • Apple Mac OS X Server 10.6.5
  • Apple Mac OS X Server 10.6.6
  • Apple Mac OS X Server 10.6.7
  • Apple Mac OS X Server 10.6.8
  • Apple Mac OS X Server 10.7
  • Apple Mac OS X Server 10.7.1
  • Apple Mac OS X Server 10.7.2
  • Avaya Aura Application Enablement Services 5.2
  • Avaya Aura Application Enablement Services 5.2.1
  • Avaya Aura Application Enablement Services 5.2.2
  • Avaya Aura Application Enablement Services 5.2.3
  • Avaya Aura Application Enablement Services 6.1
  • Avaya Aura Application Enablement Services 6.1.1
  • Avaya Aura Application Server 5300 SIP Core 2.0
  • Avaya Aura Communication Manager 4.0
  • Avaya Aura Communication Manager 4.0
  • Avaya Aura Communication Manager 5.1
  • Avaya Aura Communication Manager 5.2
  • Avaya Aura Communication Manager 5.2.1
  • Avaya Aura Communication Manager Utility Services 6.0
  • Avaya Aura Communication Manager Utility Services 6.1
  • Avaya Aura Conferencing 6.0 Standard
  • Avaya Aura Conferencing 6.0.0 Standard
  • Avaya Aura Experience Portal 6.0
  • Avaya Aura Messaging 6.0
  • Avaya Aura Messaging 6.0.1
  • Avaya Aura Presence Services 6.0
  • Avaya Aura Presence Services 6.1
  • Avaya Aura Presence Services 6.1.1
  • Avaya Aura SIP Enablement Services 4.0
  • Avaya Aura SIP Enablement Services 5.0
  • Avaya Aura SIP Enablement Services 5.1
  • Avaya Aura SIP Enablement Services 5.2
  • Avaya Aura SIP Enablement Services 5.2.1
  • Avaya Aura Session Manager 1.1
  • Avaya Aura Session Manager 5.2
  • Avaya Aura Session Manager 6.0
  • Avaya Aura Session Manager 6.0 SP1
  • Avaya Aura Session Manager 6.1
  • Avaya Aura Session Manager 6.1 SP1
  • Avaya Aura Session Manager 6.1 SP2
  • Avaya Aura Session Manager 6.1.1
  • Avaya Aura Session Manager 6.1.2
  • Avaya Aura Session Manager 6.1.3
  • Avaya Aura System Manager 6.1
  • Avaya Aura System Manager 6.1 SP1
  • Avaya Aura System Manager 6.1 SP2
  • Avaya Aura System Manager 6.1.1
  • Avaya Aura System Manager 6.1.2
  • Avaya Aura System Manager 6.1.3
  • Avaya Aura System Platform 1.0
  • Avaya Aura System Platform 6.0
  • Avaya Aura System Platform 6.0 SP2
  • Avaya Aura System Platform 6.0 SP3
  • Avaya Aura System Platform 6.0.1
  • Avaya Aura System Platform 6.0.2
  • Avaya CMS Server 15.0
  • Avaya CMS Server 15.0 AUX
  • Avaya CMS Server 16.0
  • Avaya CMS Server 16.1
  • Avaya CMS Server 16.2
  • Avaya IP Office Application Server 6.0
  • Avaya IP Office Application Server 6.1
  • Avaya IP Office Application Server 7.0
  • Avaya IQ 5
  • Avaya IQ 5.1
  • Avaya IQ 5.1.1
  • Avaya IQ 5.2
  • Avaya IR 4.0
  • Avaya Interactive Response 4.0
  • Avaya Meeting Exchange 5.0
  • Avaya Meeting Exchange 5.0 SP1
  • Avaya Meeting Exchange 5.0 SP2
  • Avaya Meeting Exchange 5.0.0.0.52
  • Avaya Meeting Exchange 5.1
  • Avaya Meeting Exchange 5.1 SP1
  • Avaya Meeting Exchange 5.2
  • Avaya Meeting Exchange 5.2 SP1
  • Avaya Meeting Exchange 5.2 SP2
  • Avaya Message Networking 5.2
  • Avaya Message Networking 5.2 SP1
  • Avaya Message Networking 5.2.1
  • Avaya Message Networking 5.2.2
  • Avaya Message Networking 5.2.3
  • Avaya Message Networking 5.2.4
  • Avaya Messaging Application Server 5.2
  • Avaya Messaging Storage Server 5.2
  • Avaya Messaging Storage Server 5.2 SP1
  • Avaya Messaging Storage Server 5.2 SP2
  • Avaya Messaging Storage Server 5.2 SP3
  • Avaya Messaging Storage Server 5.2.2
  • Avaya Messaging Storage Server 5.2.8
  • Avaya Proactive Contact 4.0
  • Avaya Proactive Contact 4.0.1
  • Avaya Proactive Contact 4.1
  • Avaya Proactive Contact 4.1.1
  • Avaya Proactive Contact 4.1.2
  • Avaya Proactive Contact 4.2
  • Avaya Proactive Contact 4.2.1
  • Avaya Proactive Contact 4.2.2
  • Avaya Proactive Contact 5.0
  • Avaya Voice Portal 4.0
  • Avaya Voice Portal 4.1
  • Avaya Voice Portal 4.1 SP1
  • Avaya Voice Portal 4.1 SP2
  • Avaya Voice Portal 5.0
  • Avaya Voice Portal 5.0 SP1
  • Avaya Voice Portal 5.0 SP2
  • Avaya Voice Portal 5.1
  • Avaya Voice Portal 5.1
  • Avaya Voice Portal 5.1 SP1
  • Avaya Voice Portal 5.1.1
  • Avaya Voice Portal 5.1.2
  • Debian Linux 6.0 amd64
  • Debian Linux 6.0 arm
  • Debian Linux 6.0 ia-32
  • Debian Linux 6.0 ia-64
  • Debian Linux 6.0 mips
  • Debian Linux 6.0 powerpc
  • Debian Linux 6.0 s/390
  • Debian Linux 6.0 sparc
  • Fedoraproject Fedora 14
  • Fedoraproject Fedora 15
  • Fedoraproject Fedora 16
  • Gentoo Linux
  • HP HP-UX B.11.11
  • HP HP-UX B.11.23
  • HP HP-UX B.11.31
  • HP Network Node Manager i 9.1
  • HP NonStop Server H06.15.00
  • HP NonStop Server H06.15.01
  • HP NonStop Server H06.15.02
  • HP NonStop Server H06.16.00
  • HP NonStop Server H06.16.01
  • HP NonStop Server H06.16.02
  • HP NonStop Server H06.17.00
  • HP NonStop Server H06.17.01
  • HP NonStop Server H06.17.02
  • HP NonStop Server H06.17.03
  • HP NonStop Server H06.18.00
  • HP NonStop Server H06.18.01
  • HP NonStop Server H06.18.02
  • HP NonStop Server H06.19.00
  • HP NonStop Server H06.19.01
  • HP NonStop Server H06.19.02
  • HP NonStop Server H06.19.03
  • HP NonStop Server H06.20.00
  • HP NonStop Server H06.20.01
  • HP NonStop Server H06.20.02
  • HP NonStop Server H06.20.03
  • HP NonStop Server H06.21.00
  • HP NonStop Server H06.21.01
  • HP NonStop Server H06.21.02
  • HP NonStop Server H06.22.00
  • HP NonStop Server H06.22.01
  • HP NonStop Server H06.23
  • HP NonStop Server H06.24
  • HP NonStop Server H06.24.01
  • HP NonStop Server H06.25
  • HP NonStop Server H06.25.01
  • HP NonStop Server H06.26
  • HP NonStop Server H06.26.01
  • HP NonStop Server H06.27
  • HP NonStop Server J06.04.00
  • HP NonStop Server J06.04.01
  • HP NonStop Server J06.04.02
  • HP NonStop Server J06.05.00
  • HP NonStop Server J06.05.01
  • HP NonStop Server J06.05.02
  • HP NonStop Server J06.06.00
  • HP NonStop Server J06.06.01
  • HP NonStop Server J06.06.02
  • HP NonStop Server J06.06.03
  • HP NonStop Server J06.07.00
  • HP NonStop Server J06.07.01
  • HP NonStop Server J06.07.02
  • HP NonStop Server J06.08.00
  • HP NonStop Server J06.08.01
  • HP NonStop Server J06.08.02
  • HP NonStop Server J06.08.03
  • HP NonStop Server J06.08.04
  • HP NonStop Server J06.09.00
  • HP NonStop Server J06.09.01
  • HP NonStop Server J06.09.02
  • HP NonStop Server J06.09.03
  • HP NonStop Server J06.09.04
  • HP NonStop Server J06.10.00
  • HP NonStop Server J06.10.01
  • HP NonStop Server J06.10.02
  • HP NonStop Server J06.11.00
  • HP NonStop Server J06.11.01
  • HP NonStop Server J06.12.00
  • HP NonStop Server J06.13
  • HP NonStop Server J06.13.01
  • HP NonStop Server J06.14
  • HP NonStop Server J06.14.02
  • HP NonStop Server J06.15
  • HP NonStop Server J06.15.01
  • HP NonStop Server J06.16
  • HP NonStop Server J6.0.14.01
  • IBM Java SE 6
  • IBM Java SE 6 SR8 FP1
  • IBM Java SE 6.0
  • IBM Java SE 6.0 SR5
  • IBM Java SE 6.0 SR6
  • IBM Java SE 6.0 SR7
  • IBM Java SE 6.0.0 SR9
  • IBM Java SE 6.0.0 SR9-FP2
  • IBM Java SE 7
  • IBM Java SE 7.0
  • IBM Rational AppScan Enterprise 8.0.0
  • IBM Rational AppScan Enterprise 8.0.0.1
  • IBM Rational AppScan Enterprise 8.0.1
  • IBM Rational AppScan Enterprise 8.0.1.1
  • IBM Rational AppScan Enterprise 8.5.0.1
  • IBM Rational AppScan Enterprise 8.6
  • IBM Rational AppScan Standard 7.8
  • IBM Rational AppScan Standard 8.0.0
  • IBM Rational AppScan Standard 8.0.0.3
  • IBM Rational AppScan Standard 8.5.0.1
  • IBM Rational Policy Tester 8.0
  • IBM Rational Policy Tester 8.5
  • IBM Rational Policy Tester 8.5.0.1
  • Mandriva Enterprise Server 5
  • Mandriva Enterprise Server 5 X86 64
  • Mandriva Linux Mandrake 2010.1
  • Mandriva Linux Mandrake 2010.1 X86 64
  • Mandriva Linux Mandrake 2011
  • Mandriva Linux Mandrake 2011 x86_64
  • OpenJDK OpenJDK 1.6.0
  • OpenJDK OpenJDK 6
  • Oracle Enterprise Linux 5
  • Oracle Enterprise Linux 6
  • Oracle JDK (Linux Production Release) 1.6.0_22
  • Oracle JDK (Linux Production Release) 1.6.0_23
  • Oracle JDK (Linux Production Release) 1.6.0_24
  • Oracle JDK (Linux Production Release) 1.6.0_25
  • Oracle JDK (Linux Production Release) 1.6.0_26
  • Oracle JDK (Linux Production Release) 1.6.0_27
  • Oracle JDK (Linux Production Release) 1.7.0
  • Oracle JDK (Solaris Production Release) 1.6.0_22
  • Oracle JDK (Solaris Production Release) 1.6.0_23
  • Oracle JDK (Solaris Production Release) 1.6.0_24
  • Oracle JDK (Solaris Production Release) 1.6.0_25
  • Oracle JDK (Solaris Production Release) 1.6.0_26
  • Oracle JDK (Solaris Production Release) 1.6.0_27
  • Oracle JDK (Solaris Production Release) 1.7.0
  • Oracle JDK (Windows Production Release) 1.6.0_22
  • Oracle JDK (Windows Production Release) 1.6.0_23
  • Oracle JDK (Windows Production Release) 1.6.0_24
  • Oracle JDK (Windows Production Release) 1.6.0_25
  • Oracle JDK (Windows Production Release) 1.6.0_26
  • Oracle JDK (Windows Production Release) 1.6.0_27
  • Oracle JDK (Windows Production Release) 1.7.0
  • Oracle JRE (Linux Production Release) 1.6.0_22
  • Oracle JRE (Linux Production Release) 1.6.0_23
  • Oracle JRE (Linux Production Release) 1.6.0_24
  • Oracle JRE (Linux Production Release) 1.6.0_25
  • Oracle JRE (Linux Production Release) 1.6.0_26
  • Oracle JRE (Linux Production Release) 1.6.0_27
  • Oracle JRE (Solaris Production Release) 1.6.0_22
  • Oracle JRE (Solaris Production Release) 1.6.0_23
  • Oracle JRE (Solaris Production Release) 1.6.0_24
  • Oracle JRE (Solaris Production Release) 1.6.0_25
  • Oracle JRE (Solaris Production Release) 1.6.0_26
  • Oracle JRE (Solaris Production Release) 1.6.0_27
  • Oracle JRE (Windows Production Release) 1.6.0_22
  • Oracle JRE (Windows Production Release) 1.6.0_23
  • Oracle JRE (Windows Production Release) 1.6.0_24
  • Oracle JRE (Windows Production Release) 1.6.0_25
  • Oracle JRE (Windows Production Release) 1.6.0_26
  • Oracle JRE (Windows Production Release) 1.6.0_27
  • Panda Antivirus 1.6.0 Update 1
  • Panda Antivirus 1.6.0 Update 10
  • Panda Antivirus 1.6.0 Update 11
  • Panda Antivirus 1.6.0 Update 12
  • Panda Antivirus 1.6.0 Update 13
  • Panda Antivirus 1.6.0 Update 14
  • Panda Antivirus 1.6.0 Update 15
  • Panda Antivirus 1.6.0 Update 16
  • Panda Antivirus 1.6.0 Update 17
  • Panda Antivirus 1.6.0 Update 18
  • Panda Antivirus 1.6.0 Update 19
  • Panda Antivirus 1.6.0 Update 2
  • Panda Antivirus 1.6.0 Update 20
  • Panda Antivirus 1.6.0 Update 21
  • Panda Antivirus 1.6.0 Update 3
  • Panda Antivirus 1.6.0 Update 4
  • Panda Antivirus 1.6.0 Update 5
  • Panda Antivirus 1.6.0 Update 6
  • Panda Antivirus 1.6.0 Update 7
  • Redhat Desktop Extras 4
  • Redhat Enterprise Linux 5 Server
  • Redhat Enterprise Linux AS Extras 4
  • Redhat Enterprise Linux Desktop 5 Client
  • Redhat Enterprise Linux Desktop 6
  • Redhat Enterprise Linux Desktop Optional 6
  • Redhat Enterprise Linux Desktop Supplementary 5 Client
  • Redhat Enterprise Linux Desktop Supplementary 6
  • Redhat Enterprise Linux ES Extras 4
  • Redhat Enterprise Linux Extras 4
  • Redhat Enterprise Linux HPC Node 6
  • Redhat Enterprise Linux HPC Node Optional 6
  • Redhat Enterprise Linux HPC Node Supplementary 6
  • Redhat Enterprise Linux Server 6
  • Redhat Enterprise Linux Server Optional 6
  • Redhat Enterprise Linux Server Supplementary 6
  • Redhat Enterprise Linux Supplementary 5 Server
  • Redhat Enterprise Linux WS Extras 4
  • Redhat Enterprise Linux Workstation 6
  • Redhat Enterprise Linux Workstation Optional 6
  • Redhat Enterprise Linux Workstation Supplementary 6
  • Schneider-Electric Trio TView Software 3.27.0
  • SuSE SUSE Linux Enterprise Java 10 SP4
  • SuSE SUSE Linux Enterprise Java 11 SP1
  • SuSE SUSE Linux Enterprise SDK 11 SP1
  • SuSE SUSE Linux Enterprise Server 10 SP4
  • SuSE SUSE Linux Enterprise Server 11 SP1
  • SuSE SUSE Linux Enterprise Server 11 SP1 for SP2
  • SuSE SUSE Linux Enterprise Server for VMware 11 SP1
  • SuSE SUSE Linux Enterprise Software Development Kit 11 SP1 for SP2
  • Sun JDK (Linux Production Release) 1.6.0 17
  • Sun JDK (Linux Production Release) 1.6.0 01
  • Sun JDK (Linux Production Release) 1.6.0 01-B06
  • Sun JDK (Linux Production Release) 1.6.0 02
  • Sun JDK (Linux Production Release) 1.6.0 03
  • Sun JDK (Linux Production Release) 1.6.0 04
  • Sun JDK (Linux Production Release) 1.6.0 05
  • Sun JDK (Linux Production Release) 1.6.0 06
  • Sun JDK (Linux Production Release) 1.6.0 07
  • Sun JDK (Linux Production Release) 1.6.0 10
  • Sun JDK (Linux Production Release) 1.6.0 11
  • Sun JDK (Linux Production Release) 1.6.0 13
  • Sun JDK (Linux Production Release) 1.6.0 14
  • Sun JDK (Linux Production Release) 1.6.0 15
  • Sun JDK (Linux Production Release) 1.6.0 18
  • Sun JDK (Linux Production Release) 1.6.0 19
  • Sun JDK (Linux Production Release) 1.6.0 20
  • Sun JDK (Linux Production Release) 1.6.0
  • Sun JDK (Linux Production Release) 1.6.0 Update 10
  • Sun JDK (Linux Production Release) 1.6.0 Update 11
  • Sun JDK (Linux Production Release) 1.6.0 Update 12
  • Sun JDK (Linux Production Release) 1.6.0 Update 13
  • Sun JDK (Linux Production Release) 1.6.0 Update 14
  • Sun JDK (Linux Production Release) 1.6.0 Update 15
  • Sun JDK (Linux Production Release) 1.6.0 Update 16
  • Sun JDK (Linux Production Release) 1.6.0 Update 17
  • Sun JDK (Linux Production Release) 1.6.0 Update 18
  • Sun JDK (Linux Production Release) 1.6.0 Update 19
  • Sun JDK (Linux Production Release) 1.6.0 Update 20
  • Sun JDK (Linux Production Release) 1.6.0 Update 21
  • Sun JDK (Linux Production Release) 1.6.0 Update 3
  • Sun JDK (Linux Production Release) 1.6.0 Update 4
  • Sun JDK (Linux Production Release) 1.6.0 Update 5
  • Sun JDK (Linux Production Release) 1.6.0 Update 6
  • Sun JDK (Linux Production Release) 1.6.0 Update 7
  • Sun JDK (Linux Production Release) 1.6.0_21
  • Sun JDK (Solaris Production Release) 1.6.0 17
  • Sun JDK (Solaris Production Release) 1.6.0 01
  • Sun JDK (Solaris Production Release) 1.6.0 01-B06
  • Sun JDK (Solaris Production Release) 1.6.0 02
  • Sun JDK (Solaris Production Release) 1.6.0 03
  • Sun JDK (Solaris Production Release) 1.6.0 04
  • Sun JDK (Solaris Production Release) 1.6.0 05
  • Sun JDK (Solaris Production Release) 1.6.0 06
  • Sun JDK (Solaris Production Release) 1.6.0 07
  • Sun JDK (Solaris Production Release) 1.6.0 10
  • Sun JDK (Solaris Production Release) 1.6.0 11
  • Sun JDK (Solaris Production Release) 1.6.0 13
  • Sun JDK (Solaris Production Release) 1.6.0 14
  • Sun JDK (Solaris Production Release) 1.6.0 15
  • Sun JDK (Solaris Production Release) 1.6.0 18
  • Sun JDK (Solaris Production Release) 1.6.0 19
  • Sun JDK (Solaris Production Release) 1.6.0 20
  • Sun JDK (Solaris Production Release) 1.6.0
  • Sun JDK (Solaris Production Release) 1.6.0_21
  • Sun JDK (Windows Production Release) 1.6.0 17
  • Sun JDK (Windows Production Release) 1.6.0 01
  • Sun JDK (Windows Production Release) 1.6.0 01-B06
  • Sun JDK (Windows Production Release) 1.6.0 02
  • Sun JDK (Windows Production Release) 1.6.0 03
  • Sun JDK (Windows Production Release) 1.6.0 04
  • Sun JDK (Windows Production Release) 1.6.0 05
  • Sun JDK (Windows Production Release) 1.6.0 06
  • Sun JDK (Windows Production Release) 1.6.0 07
  • Sun JDK (Windows Production Release) 1.6.0 10
  • Sun JDK (Windows Production Release) 1.6.0 11
  • Sun JDK (Windows Production Release) 1.6.0 13
  • Sun JDK (Windows Production Release) 1.6.0 14
  • Sun JDK (Windows Production Release) 1.6.0 15
  • Sun JDK (Windows Production Release) 1.6.0 18
  • Sun JDK (Windows Production Release) 1.6.0 19
  • Sun JDK (Windows Production Release) 1.6.0 20
  • Sun JDK (Windows Production Release) 1.6.0
  • Sun JDK (Windows Production Release) 1.6.0_21
  • Sun JRE (Linux Production Release) 1.6.0 17
  • Sun JRE (Linux Production Release) 1.6.0 01
  • Sun JRE (Linux Production Release) 1.6.0 02
  • Sun JRE (Linux Production Release) 1.6.0 03
  • Sun JRE (Linux Production Release) 1.6.0 04
  • Sun JRE (Linux Production Release) 1.6.0 05
  • Sun JRE (Linux Production Release) 1.6.0 06
  • Sun JRE (Linux Production Release) 1.6.0 07
  • Sun JRE (Linux Production Release) 1.6.0 10
  • Sun JRE (Linux Production Release) 1.6.0 11
  • Sun JRE (Linux Production Release) 1.6.0 12
  • Sun JRE (Linux Production Release) 1.6.0 13
  • Sun JRE (Linux Production Release) 1.6.0 14
  • Sun JRE (Linux Production Release) 1.6.0 15
  • Sun JRE (Linux Production Release) 1.6.0 18
  • Sun JRE (Linux Production Release) 1.6.0 19
  • Sun JRE (Linux Production Release) 1.6.0 20
  • Sun JRE (Linux Production Release) 1.6.0
  • Sun JRE (Linux Production Release) 1.6.0_21
  • Sun JRE (Linux Production Release) 1.7
  • Sun JRE (Solaris Production Release) 1.6.0 17
  • Sun JRE (Solaris Production Release) 1.6.0 01
  • Sun JRE (Solaris Production Release) 1.6.0 02
  • Sun JRE (Solaris Production Release) 1.6.0 03
  • Sun JRE (Solaris Production Release) 1.6.0 04
  • Sun JRE (Solaris Production Release) 1.6.0 05
  • Sun JRE (Solaris Production Release) 1.6.0 06
  • Sun JRE (Solaris Production Release) 1.6.0 07
  • Sun JRE (Solaris Production Release) 1.6.0 10
  • Sun JRE (Solaris Production Release) 1.6.0 11
  • Sun JRE (Solaris Production Release) 1.6.0 12
  • Sun JRE (Solaris Production Release) 1.6.0 13
  • Sun JRE (Solaris Production Release) 1.6.0 14
  • Sun JRE (Solaris Production Release) 1.6.0 15
  • Sun JRE (Solaris Production Release) 1.6.0 18
  • Sun JRE (Solaris Production Release) 1.6.0 19
  • Sun JRE (Solaris Production Release) 1.6.0 2
  • Sun JRE (Solaris Production Release) 1.6.0
  • Sun JRE (Solaris Production Release) 1.6.0_21
  • Sun JRE (Solaris Production Release) 1.7
  • Sun JRE (Windows Production Release) 1.6.0 17
  • Sun JRE (Windows Production Release) 1.6.0 01
  • Sun JRE (Windows Production Release) 1.6.0 02
  • Sun JRE (Windows Production Release) 1.6.0 03
  • Sun JRE (Windows Production Release) 1.6.0 04
  • Sun JRE (Windows Production Release) 1.6.0 05
  • Sun JRE (Windows Production Release) 1.6.0 06
  • Sun JRE (Windows Production Release) 1.6.0 07
  • Sun JRE (Windows Production Release) 1.6.0 10
  • Sun JRE (Windows Production Release) 1.6.0 11
  • Sun JRE (Windows Production Release) 1.6.0 12
  • Sun JRE (Windows Production Release) 1.6.0 13
  • Sun JRE (Windows Production Release) 1.6.0 14
  • Sun JRE (Windows Production Release) 1.6.0 15
  • Sun JRE (Windows Production Release) 1.6.0 18
  • Sun JRE (Windows Production Release) 1.6.0 19
  • Sun JRE (Windows Production Release) 1.6.0 2
  • Sun JRE (Windows Production Release) 1.6.0 20
  • Sun JRE (Windows Production Release) 1.6.0
  • Sun JRE (Windows Production Release) 1.6.0_21
  • Sun JRE (Windows Production Release) 1.7
  • Ubuntu Ubuntu Linux 10.04 ARM
  • Ubuntu Ubuntu Linux 10.04 Amd64
  • Ubuntu Ubuntu Linux 10.04 I386
  • Ubuntu Ubuntu Linux 10.04 Powerpc
  • Ubuntu Ubuntu Linux 10.04 Sparc
  • Ubuntu Ubuntu Linux 10.10 ARM
  • Ubuntu Ubuntu Linux 10.10 amd64
  • Ubuntu Ubuntu Linux 10.10 i386
  • Ubuntu Ubuntu Linux 10.10 powerpc
  • Ubuntu Ubuntu Linux 11.04 ARM
  • Ubuntu Ubuntu Linux 11.04 amd64
  • Ubuntu Ubuntu Linux 11.04 i386
  • Ubuntu Ubuntu Linux 11.04 powerpc
  • Ubuntu Ubuntu Linux 11.10 amd64
  • Ubuntu Ubuntu Linux 11.10 i386
  • VMWare ESX 3.5
  • VMWare ESX 4.0
  • VMWare ESX 4.1
  • VMWare Update Manager 5.0
  • VMWare VirtualCenter 2.5
  • VMWare vCenter 4.0
  • VMWare vCenter 4.1
  • VMWare vCenter 5.0
  • Xerox FreeFlow Print Server (FFPS) 73.B3.61
  • Xerox FreeFlow Print Server (FFPS) 73.C0.41

Recommendations

Block external access at the network boundary, unless external parties require service.
Filter access to the affected computer at the network boundary if global access isn’t needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity including unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Do not follow links provided by unknown or untrusted sources.
Web users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.

Set web browser security to disable the execution of script code or active content.
Disabling the execution of script code in the browser may limit exposure to this and other latent vulnerabilities.

Run all software as a nonprivileged user with minimal access rights.
To limit the impact of latent vulnerabilities, configure applications to run as a nonadministrative user with minimal access rights.

Updates are available. Please see the references for more information. The payloads delivered by the exploit kits are detected by Symantec as ‘Trojan.Zbot’ and ‘Trojan.Horse’.

Related

saint 8
symantec 4
threatpost 16
prion 2
nessus 33
openvas 65
cisa_kev 2
cert 1
packetstorm 2
zdt 1
attackerkb 3
seebug 5
cve 2
checkpoint_advisories 3
metasploit 1
thn 2
canvas 1
zdi 1
veracode 1
securityvulns 4
ubuntucve 1
exploitdb 1
fireeye 1
osv 2
fedora 18
debian 2
redhat 5
oraclelinux 1
centos 1
amazon 1
ubuntu 2
suse 2
ibm 1
securelist 1
gentoo 2
saint
saint
Internet Explorer CGenericElement Object Use-after-free Vulnerability
2013-05-08 00:00:00
Internet Explorer CGenericElement Object Use-after-free Vulnerability
2013-05-08 00:00:00
Internet Explorer CGenericElement Object Use-after-free Vulnerability
2013-05-08 00:00:00
symantec
symantec
Microsoft Internet Explorer CVE-2013-1347 Use-After-Free Remote Code Execution Vulnerability
2013-05-03 00:00:00
Oracle Java SE CVE-2013-1493 Remote Code Execution Vulnerability
2013-02-28 00:00:00
Adobe Acrobat and Reader CVE-2010-0188 Remote Code Execution Vulnerability
2010-02-11 00:00:00
threatpost
threatpost
USAID a Target of DoL Watering Hole Attackers
2013-05-13 10:52:56
Microsoft Patches IE Zero Day Used In Watering Hole Attack
2013-05-14 16:14:18
New Trojan For Mac Used In Attacks On Tibetan NGOs
2012-03-21 18:31:56
prion
prion
Code injection
2013-05-05 11:07:00
Design/Logic Flaw
2011-10-19 21:55:00
nessus
nessus
MS13-038: Security Update for Internet Explorer (2847204)
2013-05-15 00:00:00
MS KB2847140: Vulnerability in Internet Explorer 8 Could Allow Remote Code Execution (deprecated)
2013-05-09 00:00:00
Fedora 16 : java-1.7.0-openjdk-1.7.0.1-2.0.2.fc16 (2011-15555)
2011-11-14 00:00:00
openvas
openvas
MS Internet Explorer Remote Code Execution Vulnerability (2847140)
2013-05-06 00:00:00
MS Internet Explorer Remote Code Execution Vulnerability (2847140)
2013-05-06 00:00:00
Oracle Java SE 6, 7 Multiple Vulnerabilities (cpuoct2011) - Windows
2011-11-15 00:00:00
cisa_kev
cisa_kev
Microsoft Internet Explorer Remote Code Execution Vulnerability
2022-03-03 00:00:00
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
2022-03-03 00:00:00
cert
cert
Microsoft Internet Explorer 8 CGenericElement object use-after-free vulnerability
2013-05-06 00:00:00
packetstorm
packetstorm
Microsoft Internet Explorer CGenericElement Object Use-After-Free
2013-05-07 00:00:00
Java Applet Rhino Script Engine Remote Code Execution
2011-11-30 00:00:00
zdt
zdt
Microsoft Internet Explorer CGenericElement Object Use-After-Free
2013-05-07 00:00:00
attackerkb
attackerkb
Microsoft Internet Explorer CGenericElement Use-After-Free
2013-05-05 00:00:00
CVE-2011-3544
2011-10-19 00:00:00
Microsoft Internet Explorer SetMouseCapture Use-After-Free
2020-10-14 00:00:00
seebug
seebug
Microsoft IE 8远程代码执行漏洞(CVE-2013-1347)
2013-05-07 00:00:00
Microsoft Internet Explorer 释放后重用远程代码执行漏洞(CVE-2013-1347)(MS13-038)
2013-05-17 00:00:00
Java Applet Rhino Script Engine Remote Code Execution
2014-07-01 00:00:00
cve
cve
CVE-2013-1347
2013-05-05 11:07:00
CVE-2011-3544
2011-10-19 21:55:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer 8 Use After Free Code Execution - Zero Day (CVE-2013-1347)
2013-05-05 00:00:00
Oracle Java Applet Rhino Script Engine Policy Bypass (CVE-2011-3544)
2012-03-19 00:00:00
Infinity Exploit Kit Landing Page (CVE-2013-1347; CVE-2013-2423; CVE-2013-2465; CVE-2014-0322; CVE-2014-0502; CVE-2014-1776)
2014-06-10 00:00:00
metasploit
metasploit
Java Applet Rhino Script Engine Remote Code Execution
2011-11-30 00:05:20
thn
thn
Office based Trojan threat for Mac OS X by Chinese hackers
2012-03-29 17:25:00
Kaspersky finds Malware that resides in your RAM
2012-03-20 13:48:00
canvas
canvas
Immunity Canvas: JAVA_RHINO
2011-10-19 21:55:00
zdi
zdi
Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability
2011-10-26 00:00:00
veracode
veracode
Authorization Bypass
2019-05-02 04:55:59
securityvulns
securityvulns
ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability
2011-10-31 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2013-05-27 00:00:00
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6
2011-11-11 00:00:00
ubuntucve
ubuntucve
CVE-2011-3544
2011-10-19 00:00:00
exploitdb
exploitdb
Java Applet Rhino Script Engine - Remote Code Execution (Metasploit)
2011-11-30 00:00:00
fireeye
fireeye
Internet Explorer 8 Exploit Found in Watering Hole Campaign Targeting Chinese Dissidents
2013-03-20 17:26:00
osv
osv
openjdk-6 - several
2011-12-01 00:00:00
openjdk-6 - several
2011-12-05 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: java-1.7.0-openjdk-1.7.0.1-2.0.2.fc16
2011-11-10 17:36:54
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-60.1.10.4.fc16
2011-11-05 01:27:14
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16
2012-09-19 03:03:35
debian
debian
[SECURITY] [DSA 2356-1] openjdk-6 security update
2011-12-01 20:33:15
[SECURITY] [DSA 2358-1] openjdk-6 security update
2011-12-05 19:26:27
redhat
redhat
(RHSA-2011:1380) Critical: java-1.6.0-openjdk security update
2011-10-18 00:00:00
(RHSA-2012:0034) Critical: java-1.6.0-ibm security update
2012-01-18 00:00:00
(RHSA-2011:1384) Critical: java-1.6.0-sun security update
2011-10-19 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2011-10-18 00:00:00
centos
centos
java security update
2011-10-19 21:07:19
amazon
amazon
Critical: java-1.6.0-openjdk
2011-10-31 18:22:00
ubuntu
ubuntu
IcedTea-Web, OpenJDK 6 vulnerabilities
2011-11-16 00:00:00
OpenJDK 6 regression
2012-01-24 00:00:00
suse
suse
Security update for IBM Java 1.6.0 (important)
2012-03-06 21:08:29
Security update for IBM Java (important)
2012-01-23 17:08:23
ibm
ibm
Potential Security Vulnerabilities With JavaTM SDKs
2018-06-17 14:01:55
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2011-11-05 00:00:00
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00

0.973 High

EPSS

Percentile

99.9%

JSON
Related for SMNTC-50218
saint8symantec4threatpost16prion2nessus33openvas65cisa_kev2cert1packetstorm2zdt1attackerkb3seebug5cve2checkpoint_advisories3metasploit1thn2canvas1zdi1veracode1securityvulns4ubuntucve1exploitdb1fireeye1osv2fedora18debian2redhat5oraclelinux1centos1amazon1ubuntu2suse2ibm1securelist1gentoo2