Oracle Java SE Multiple Remote Code Execution Vulnerabilities (Windows) Network Vulnerability

Summary

This host is installed with Oracle Java SE and is prone to multiple code execution vulnerabilities.

Impact

Successful exploitation allows remote attackers to execute arbitrary code via unspecified vectors, Impact Level: System/Application

Solution

Upgrade to Oracle Java 7 Update 11 or later For updates refer to http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html

Insight

- An error in Java Management Extensions (JMX) MBean components which allows remote attackers to execute arbitrary code via unspecified vectors. - An unspecified error exists within the Libraries subcomponent. NOTE: The vendor reports that only version 7.x is affected. However, some security researchers indicate that some 6.x versions may be affected

Affected

Oracle Java version 7 before Update 11 on windows

References

http://secunia.com/advisories/51820/
http://securitytracker.com/id?1027972
http://www.kb.cert.org/vuls/id/625617
http://www.oracle.com/technetwork/java/javase/7u11-relnotes-1896856.html
http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html
http://www.osvdb.org/89059

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3174, CVE-2013-0422

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Windows)
Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Windows)
Adobe Acrobat Multiple Vulnerabilities April-2012 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Sep13 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)

Take action and discover your vulnerabilities