Oracle Java SE Code Execution Vulnerability (Windows) Network Vulnerability

Summary

This host is installed with Sun Java SE and is prone to code execution vulnerability.

Impact

Successful attacks will allow attackers to execute arbitrary code in the context of the affected application with system privileges. Impact Level: Application

Solution

Upgrade to Oracle Java SE 6 Update 24 or later For updates refer to http://java.com/en/download/index.jsp

Insight

The flaw is due to an error in 'Java Runtime Environment(JRE)', which allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to deployment.

Affected

Oracle Java SE 6 Update 10 through 6 Update 23

References

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html
http://www.vupen.com/english/advisories/2011/0405

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4467

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Captivate Insecure Library Loading Vulnerability
Adobe Acrobat Remote Code Execution Vulnerability(Win)
Adobe Acrobat Unspecified vulnerability
Adobe AIR Multiple Vulnerabilities-01 Sep13 (Windows)
Adobe AIR Multiple Vulnerabilities(APSB14-22)-(Mac OS X)

Take action and discover your vulnerabilities