Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-2769
HistoryJul 23, 2019 - 12:00 a.m.

CVE-2019-2769

2019-07-2300:00:00
ubuntu.com
ubuntu.com
24
vulnerability
oracle java se
unauthorized access
denial of service
partial dos
exploitable vulnerability

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

0.003

Percentile

69.7%

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE
(subcomponent: Utilities). Supported versions that are affected are Java
SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Easily
exploitable vulnerability allows unauthenticated attacker with network
access via multiple protocols to compromise Java SE, Java SE Embedded.
Successful attacks of this vulnerability can result in unauthorized ability
to cause a partial denial of service (partial DOS) of Java SE, Java SE
Embedded. Note: This vulnerability applies to Java deployments, typically
in clients running sandboxed Java Web Start applications or sandboxed Java
applets (in Java SE 8), that load and run untrusted code (e.g., code that
comes from the internet) and rely on the Java sandbox for security. This
vulnerability can also be exploited by using APIs in the specified
Component, e.g., through a web service which supplies data to the APIs.
CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchopenjdk-8< 8u222-b10-1ubuntu1~18.04.1UNKNOWN
ubuntu19.04noarchopenjdk-8< 8u222-b10-1ubuntu1~19.04.1UNKNOWN
ubuntu16.04noarchopenjdk-8< 8u222-b10-1ubuntu1~16.04.1UNKNOWN
ubuntu18.04noarchopenjdk-lts< 11.0.4+11-1ubuntu2~18.04.3UNKNOWN
ubuntu19.04noarchopenjdk-lts< 11.0.4+11-1ubuntu2~19.04UNKNOWN

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

0.003

Percentile

69.7%