Oracle Java SE JRE Multiple Unspecified Vulnerabilities-04 Oct 2014 (Windows) Network Vulnerability

Summary

The host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.

Impact

Successful exploitation will allow attackers to manipulate certain data, gain elevated privileges, and execute arbitrary code. Impact Level: System/Application.

Solution

Apply the patch from below link, http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Insight

Multiple flaws exist due to, - An error in the Hotspot subcomponent related to missing checksum verification of archive files. - An error related to the JavaFX subcomponent. - Another unspecified error.

Affected

Oracle Java SE 8 update 20 and prior on Windows

Detection

Get the installed version of Oracle Java SE JRE with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.com/113317
http://osvdb.com/113324
http://secunia.com/advisories/61609/
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2014-6468, CVE-2014-6485, CVE-2014-6562

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities-01 Aug14 (Windows)
Adobe Air Remote Code Execution Vulnerability -June13 (Windows)
Adobe AIR Security Bypass Vulnerability Jan14 (Mac OS X)
Adobe Air Multiple Vulnerabilities June-2012 (Windows)
Adobe Acrobat Multiple Vulnerabilities - Windows

Take action and discover your vulnerabilities