Summary
This host is installed with Sun Java SE and is prone to multiple unspecified vulnerabilities.
Impact
Successful attacks will allow attackers to manipulate or gain knowledge of sensitive information, bypass restrictions, cause a denial of service or compromise a vulnerable system.
Impact Level: Application
Solution
Upgrade to Oracle Java SE 6 Update 24 or later
For updates refer to http://java.com/en/download/index.jsp
Insight
The flaws are due to
- Error in 'JRE' allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity via unknown vectors related to Deployment and Networking.
- Error in 'JRE' component, which allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, Swing, HotSpot and unspecified APIs.
Affected
Oracle Java SE 1.4.2_29 and prior,
Oracle Java SE 6 Update 23 and 5 Update 27 and prior.
References
Severity
Classification
-
CVE CVE-2010-4447, CVE-2010-4448, CVE-2010-4454, CVE-2010-4462, CVE-2010-4465, CVE-2010-4466, CVE-2010-4469, CVE-2010-4473, CVE-2010-4475, CVE-2010-4476 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities-01 Sep14 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Windows)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Linux)
- Adobe Air and Flash Player Multiple Vulnerabilities (Mac OS X)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Mac OS X)