Oracle Java SE JRE Multiple Unspecified Vulnerabilities-05 Jul 2014 (Windows) Network Vulnerability

Summary

This host is installed with Oracle Java SE JRE and is prone to multiple unspecified vulnerabilities.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code. Impact Level: System/Application.

Solution

Apply the patch from below link, http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Insight

Multiple flaws exists, - An unspecified error in the Libraries subcomponent within the 'Invokers::invokeForm' function in share/classes/java/lang/invoke/Invokers.java - Another unspecified error related to the Libraries subcomponent in share/vm/classfile/classFileParser.hpp

Affected

Oracle Java SE 7 update 60 and prior on Windows

Detection

Get the installed version of Oracle Java SE JRE with the help of detect NVT and check it is vulnerable or not.

References

http://securitytracker.com/id?1030577
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www.osvdb.com/109129

Updated on 2017-03-28

Severity

Classification

CVE CVE-2014-2483, CVE-2014-4223

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air Multiple Vulnerabilities - November12 (Mac OS X)
Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
Adobe Air and Flash Player Multiple Vulnerabilities August-2011 (Windows)
Adobe AIR Multiple Vulnerabilities -01 Feb13 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities - Windows

Take action and discover your vulnerabilities