Sun Java JRE Remote Code Execution Vulnerability (Linux) Network Vulnerability

Summary

This host is installed with Sun Java JRE and is prone to Remote Code Execution Vulnerability.

Impact

Successful exploitation allows remote attackers to execute arbitrary code in the context of the affected application. Impact Level: Application.

Solution

Upgrade to JRE version 6 Update 17 http://java.sun.com/javase/downloads/index.jsp

Insight

- An error occurs while using security model permissions when removing installer extensions and may allow an untrusted applications to run as a trusted application. - An error occurs while handling interaction between a signed JAR file and a JNLP application or applet.

Affected

Sun Java JRE 6 prior to 6 Update 17 on Linux.

References

http://java.sun.com/javase/6/webnotes/6u17.html
http://secunia.com/advisories/37231

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-3866, CVE-2009-3886

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air and Flash Player Multiple Vulnerabilities August-2011 (Windows)
Adobe AIR Security Bypass Vulnerability Jan14 (Mac OS X)
Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)
Adobe Air Multiple Vulnerabilities - December12 (Windows)

Take action and discover your vulnerabilities