Oracle Java SE Code Execution Vulnerabilities (Windows) Network Vulnerability

Summary

This host is installed with Sun Java SE and is prone to multiple code execution vulnerabilities.

Impact

Successful attacks will allow attackers to execute arbitrary code in the context of the affected application with system privileges. Impact Level: Application

Solution

Upgrade to Oracle Java SE 6 Update 24 or later http://java.com/en/download/index.jsp

Insight

The flaws are due to an error in 'Java Runtime Environment (JRE)', which allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to JDBC and 2D.

Affected

Oracle Java SE 6 Update 23 and prior. Oracle Java SE 5.0 Update 27 and prior.

References

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html
http://www.vupen.com/english/advisories/2011/0405

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4468, CVE-2010-4471

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Adobe Reader Information Disclosure & Denial of Service Vulnerabilities (Windows)
Apple Safari 'Webkit' Multiple Vulnerabilities -01 Feb15 (Mac OS X)
Apache Tomcat XML External Entity Information Disclosure Vulnerability
Adobe Reader Plugin Signature Bypass Vulnerability (Windows)
Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Windows)

Take action and discover your vulnerabilities