Oracle Java SE Multiple Unspecified Vulnerabilities (Windows) Network Vulnerability

Summary

This host is installed with Sun Java SE and is prone to multiple unspecified vulnerabilities.

Impact

Successful attacks will allow attackers to affect confidentiality, integrity, and availability via unknown vectors and execute arbitrary code in the context of the user running the affected application. Impact Level: Application

Solution

Upgrade to Oracle Java SE 6 Update 24 or later For updates refer to http://java.com/en/download/index.jsp

Insight

Multiple flaws are due to - Error in 'Java Runtime Environment (JRE)', which allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. - Error in 'Java Runtime Environment (JRE)', when using Java Update. - Error in 'Java Runtime Environment (JRE)' which allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. - Error in 'Java Runtime Environment (JRE)', allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. - Error in 'Java DB component', which allows local users to affect confidentiality via unknown vectors related to Security.

Affected

Oracle Java SE 6 Update 23 and prior.

References

http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4422, CVE-2010-4451, CVE-2010-4452, CVE-2010-4470, CVE-2010-4472, CVE-2010-4474

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Take action and discover your vulnerabilities