6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
Java SE, Java SE Embedded and JRockit are vulnerable to information disclosure. A local, unauthenticated attacker could submit malicious input leading to the exploitation of the flawed Security
component enabling access to critical data or complete access to all Java SE, Java SE Embedded and JRockit.
www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
www.securityfocus.com/bid/101413
www.securitytracker.com/id/1039596
access.redhat.com/errata/RHSA-2017:2998
access.redhat.com/errata/RHSA-2017:2999
access.redhat.com/errata/RHSA-2017:3046
access.redhat.com/errata/RHSA-2017:3047
access.redhat.com/errata/RHSA-2017:3264
access.redhat.com/errata/RHSA-2017:3267
access.redhat.com/errata/RHSA-2017:3268
access.redhat.com/errata/RHSA-2017:3392
access.redhat.com/errata/RHSA-2017:3453
access.redhat.com/security/updates/classification/#critical
developer.ibm.com/javasdk/support/security-vulnerabilities/
lists.debian.org/debian-lts-announce/2017/11/msg00033.html
security.gentoo.org/glsa/201710-31
security.gentoo.org/glsa/201711-14
security.netapp.com/advisory/ntap-20171019-0001/
www.debian.org/security/2017/dsa-4015
www.debian.org/security/2017/dsa-4048
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N