This host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.

Successful exploitation will allow remote attackers to update, insert, or delete certain data, execute arbitrary code, conduct denial-of-service and disclose sensitive information. Impact Level: System/Application.

Apply the patch from below link, http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Multiple unspecified flaws exists, - An error in the Security subcomponent related to the Elliptic Curve (EC) cryptography implementation. - An error in the Serviceability subcomponent related to share/native/sun/management/GcInfoBuilder.c - An error in the Libraries subcomponent related to share/classes/java/lang/invoke/MethodHandles.java - An unspecified error related to the Deployment subcomponent. - Two errors related to the Deployment subcomponent. - A format string error in the Hotspot subcomponent within the EventMark constructor and destructor in share/vm/utilities/events.cpp

Oracle Java SE 7 update 60 and prior, and 8 update 5 and prior on Windows

Get the installed version of Oracle Java SE JRE with the help of detect NVT and check it is vulnerable or not.

• http://secunia.com/advisories/59501
• http://securitytracker.com/id?1030577
• http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
• http://www.osvdb.com/109134
• http://www.osvdb.com/109137
• http://www.osvdb.com/109139
• http://www.osvdb.com/109140
• http://www.osvdb.com/109143

---

Updated on 2015-03-25