Published: 19/10/2011 Updated: 06/01/2018

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and previous versions, 5.0 Update 31 and previous versions, and 1.4.2_33 and previous versions allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity, related to JSSE.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun jdk 1.6.0
sun jre 1.6.0
sun jre
sun jdk
sun jre 1.5.0
sun jdk 1.5.0
sun jre 1.4.2 26
sun jdk 1.4.2 13
sun jdk 1.4.2 30
sun jre 1.4.2 7
sun jre 1.4.2 27
sun jdk 1.4.2 12
sun jdk 1.4.2 31
sun jre 1.4.2 16
sun jdk 1.4.2 3
sun jre 1.4.2 24
sun jre 1.4.2 4
sun jdk 1.4.2 21
sun jre 1.4.2 2
sun jre 1.4.2 19
sun jdk 1.4.2 26
sun jre 1.4.2 25
sun jdk 1.4.2 19
sun jdk 1.4.2 8
sun jdk 1.4.2 29
sun jre 1.4.2 15
sun jdk 1.4.2 16
sun jdk 1.4.2 6
sun jdk 1.4.2 20
sun jre 1.4.2 13
sun jre 1.4.2 1
sun jre 1.4.2 8
sun jdk 1.4.2 23
sun jdk 1.4.2 18
sun jre 1.4.2 31
sun jre 1.4.2 29
sun jdk 1.4.2 32
sun jdk 1.4.2 22
sun jre 1.4.2 12
sun jdk 1.4.2 17
sun jdk 1.4.2 4
sun jdk 1.4.2 25
sun jdk 1.4.2 11
sun jdk 1.4.2 14
sun jdk 1.4.2
sun jre 1.4.2 18
sun jre 1.4.2 22
sun jre 1.4.2 28
sun jre 1.4.2 14
sun jdk 1.4.2 28
sun jre 1.4.2 30
sun jre 1.4.2 10
sun jdk 1.4.2 5
sun jre 1.4.2 17
sun jdk 1.4.2 2
sun jdk 1.4.2 1
sun jre 1.4.2 9
sun jre 1.4.2
sun jre 1.4.2 21
sun jre 1.4.2 32
sun jre 1.4.2 11
sun jdk 1.4.2 9
sun jdk 1.4.2 10
sun jre 1.4.2 23
sun jdk 1.4.2 27
sun jdk 1.4.2 7
sun jdk 1.4.2 24
sun jre 1.4.2 3
sun jre 1.4.2 20
sun jre 1.4.2 5
sun jre 1.4.2 6
sun jdk 1.4.2 15
sun jre 1.7.0
sun jdk 1.7.0

USN-1263-1 caused a regression when using OpenJDK 6’s SSL/TLS implementation ...

Multiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed ...

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform: CVE-2011-3389 The TLS implementation does not guard properly against certain chosen-plaintext attacks when block ciphers are used in CBC mode CVE-2011-3521 The CORBA implementation contains a deserialization vulnerability in the IIOP implementati ...

Synopsis Critical: java-142-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-142-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras and Red Hat EnterpriseLinux 5 SupplementaryThe Red Hat Security Response Team has rated t ...

Synopsis Moderate: java-142-ibm-sap security update Type/Severity Security Advisory: Moderate Topic Updated java-142-ibm-sap packages that fix several security issues arenow available for Red Hat Enterprise Linux 4, 5 and 6 for SAPThe Red Hat Security Response Team has rated this update as having moder ...

Synopsis Critical: java-160-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras, and Red Hat EnterpriseLinux 5 and 6 SupplementaryThe Red Hat Security Response Team has ...

Synopsis Low: Red Hat Network Satellite server IBM Java Runtime security update Type/Severity Security Advisory: Low Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite Server 54The Red Hat Security Response Team has rated this update as ha ...

A flaw was found in the Java RMI (Remote Method Invocation) registry implementation A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry (CVE-2011-3556) A flaw was found in the Java RMI registry implementation A remote RMI client could use this flaw to execute code on the RMI server with unrest ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://www.redhat.com/support/errata/RHSA-2011-1384.html http://www.securityfocus.com/bid/50236 http://www.ibm.com/developerworks/java/jdk/alerts/http://www.redhat.com/support/errata/RHSA-2012-0006.html http://secunia.com/advisories/49198 http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html http://osvdb.org/76507 http://www.securitytracker.com/id?1026215 http://marc.info/?l=bugtraq&m=132750579901589&w=2 http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html http://secunia.com/advisories/48692 http://secunia.com/advisories/48948 http://secunia.com/advisories/48915 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://www.ubuntu.com/usn/USN-1263-1 http://security.gentoo.org/glsa/glsa-201406-32.xml http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://marc.info/?l=bugtraq&m=133728004526190&w=2 http://marc.info/?l=bugtraq&m=133365109612558&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/70834 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14394 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://rhn.redhat.com/errata/RHSA-2012-0508.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html http://secunia.com/advisories/48308 https://nvd.nist.gov https://usn.ubuntu.com/1263-2/

CVE-2011-3560

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect