Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle jrockit r28.3.16 |
||
oracle jdk 1.8.0 |
||
oracle jdk 1.7.0 |
||
oracle jdk 1.6.0 |
||
oracle jre 1.6.0 |
||
oracle jre 1.8.0 |
||
oracle jre 1.7.0 |
||
oracle jdk 9.0.1 |
||
oracle jre 9.0.1 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux workstation 7.0 |
||
redhat satellite 5.7 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux server aus 7.4 |
||
redhat enterprise linux server eus 7.4 |
||
redhat enterprise linux server tus 7.4 |
||
redhat enterprise linux server eus 7.5 |
||
redhat satellite 5.6 |
||
redhat satellite 5.8 |
||
redhat enterprise linux server tus 7.6 |
||
redhat enterprise linux server eus 7.6 |
||
redhat enterprise linux server aus 7.6 |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
debian debian linux 9.0 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 17.10 |
||
schneider-electric struxureware data center expert |
||
hp xp7 command view |
||
hp xp p9000 command view |
||
hp xp command view |
Worst brew than that time El Reg went on a road trip and stopped at a Denny's IBM to kill off Watson... Workspace from end of February
IBM has issued a security alert over five vulnerabilities in its golden boy Watson analytics system. Big Blue has issued an update today to clean up a series of security flaws in Watson that stem from the analytics system's use of Java components. The bugs are present in installations of Watson Explorer and IBM Watson Content Analytics. In total, IBM says, five CVE-listed vulnerabilities are cleared up by the latest update, ranging from information disclosure flaws to remote takeover vulnerabili...