Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310902525
HistoryJun 24, 2011 - 12:00 a.m.

Oracle Java SE Multiple Unspecified Vulnerabilities - 01 - (Jun 2011) - Windows

2011-06-2400:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
17

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.3

Confidence

High

EPSS

0.039

Percentile

92.0%

JSON

Oracle Java SE is prone to multiple unspecified vulnerabilities.

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.902525");
  script_version("2024-02-08T14:36:53+0000");
  script_tag(name:"last_modification", value:"2024-02-08 14:36:53 +0000 (Thu, 08 Feb 2024)");
  script_tag(name:"creation_date", value:"2011-06-24 16:31:03 +0200 (Fri, 24 Jun 2011)");
  script_cve_id("CVE-2011-0868", "CVE-2011-0869", "CVE-2011-0872", "CVE-2011-0786",
                "CVE-2011-0788", "CVE-2011-0817", "CVE-2011-0863");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_name("Oracle Java SE Multiple Unspecified Vulnerabilities - 01 - (Jun 2011) - Windows");

  script_tag(name:"qod_type", value:"registry");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_family("General");
  script_dependencies("gb_java_prdts_detect_portable_win.nasl");
  script_mandatory_keys("Sun/Java/JDK_or_JRE/Win/installed");
  script_tag(name:"impact", value:"Successful exploitation allows remote attackers to execute arbitrary code in
  the context of the application.");
  script_tag(name:"affected", value:"Oracle Java SE versions 6 Update 25 and prior.");
  script_tag(name:"insight", value:"Multiple flaws are due to unspecified errors in the following
  components:

  - 2D

  - NIO

  - SAAJ

  - Deployment");
  script_tag(name:"solution", value:"Upgrade to Oracle Java SE version 6 Update 26 or later.");
  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"summary", value:"Oracle Java SE is prone to multiple unspecified vulnerabilities.");
  script_xref(name:"URL", value:"http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48133");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48134");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48135");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48138");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48140");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48141");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48146");
  exit(0);
}

include("version_func.inc");

jreVer = get_kb_item("Sun/Java/JRE/Win/Ver");
if(jreVer)
{

  if(version_in_range(version:jreVer, test_version:"1.6", test_version2:"1.6.0.25"))
  {
    report = report_fixed_ver(installed_version:jreVer, vulnerable_range:"1.6 - 1.6.0.25");
    security_message(port: 0, data: report);
    exit(0);
  }
}

jdkVer = get_kb_item("Sun/Java/JDK/Win/Ver");
if(jdkVer)
{
  if(version_in_range(version:jdkVer, test_version:"1.6", test_version2:"1.6.0.25")) {
     report = report_fixed_ver(installed_version:jdkVer, vulnerable_range:"1.6 - 1.6.0.25");
     security_message(port: 0, data: report);
     exit(0);
  }
}

exit(99);

Related

openvas 42
cvelist 7
prion 7
cve 7
ubuntucve 8
nvd 7
suse 10
nessus 42
securityvulns 5
veracode 3
zdi 2
jvn 2
redhat 5
oraclelinux 2
fedora 8
ubuntu 1
debian 2
osv 2
centos 1
gentoo 2
oracle 1
openvas
openvas
Oracle Java SE Multiple Unspecified Vulnerabilities 01 - June11 (Windows)
2011-06-24 00:00:00
Java for Mac OS X 10.6 Update 5
2011-08-26 00:00:00
Java for Mac OS X 10.6 Update 5
2011-08-26 00:00:00
cvelist
cvelist
CVE-2011-0786
2011-06-14 18:00:00
CVE-2011-0788
2011-06-14 18:00:00
CVE-2011-0863
2011-06-14 18:00:00
prion
prion
Design/Logic Flaw
2011-06-14 18:55:00
Design/Logic Flaw
2011-06-14 18:55:00
Design/Logic Flaw
2011-06-14 18:55:00
cve
cve
CVE-2011-0788
2011-06-14 18:55:01
CVE-2011-0786
2011-06-14 18:55:01
CVE-2011-0863
2011-06-14 18:55:02
ubuntucve
ubuntucve
CVE-2011-0786
2011-06-14 00:00:00
CVE-2011-0788
2011-06-14 00:00:00
CVE-2011-0863
2011-06-14 00:00:00
nvd
nvd
CVE-2011-0786
2011-06-14 18:55:01
CVE-2011-0788
2011-06-14 18:55:01
CVE-2011-0872
2011-06-14 18:55:02
suse
suse
remote code execution in java-1_6_0-ibm
2011-07-18 17:57:23
Security update for IBM Java (important)
2011-07-19 07:08:31
Sun/Oracle Java (critical)
2011-06-14 19:08:14
nessus
nessus
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7627)
2011-12-13 00:00:00
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7626)
2011-07-19 00:00:00
SuSE 11.1 Security Update : IBM Java (SAT Patch Number 4875)
2011-07-19 00:00:00
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2011-06-19 00:00:00
ZDI-11-192: Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability
2011-06-10 00:00:00
ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability
2011-06-10 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:55:58
Information Disclosure
2019-05-02 04:55:58
Information Disclosure
2019-05-02 04:55:58
zdi
zdi
Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability
2011-06-08 00:00:00
Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability
2011-06-08 00:00:00
jvn
jvn
JVN#09206238: Java Web Start may insecurely load settings files
2011-06-10 00:00:00
JVN#29212182: Java Web Start may insecurely load policy files
2011-06-10 00:00:00
redhat
redhat
(RHSA-2011:0938) Critical: java-1.6.0-ibm security update
2011-07-15 00:00:00
(RHSA-2011:0860) Critical: java-1.6.0-sun security update
2011-06-08 00:00:00
(RHSA-2011:0857) Important: java-1.6.0-openjdk security update
2011-06-08 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2011-06-08 00:00:00
java-1.6.0-openjdk security update
2011-06-08 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: java-1.6.0-openjdk-1.6.0.0-58.1.10.2.fc15
2011-06-15 05:44:07
[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-53.1.9.8.fc14
2011-06-11 04:18:13
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-51.1.8.8.fc13
2011-06-15 05:33:46
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2011-06-17 00:00:00
debian
debian
[SECURITY] [DSA 2311-1] openjdk-6 security update
2011-09-27 20:10:30
[SECURITY] [DSA 2358-1] openjdk-6 security update
2011-12-05 19:26:27
osv
osv
openjdk-6 - several
2011-09-27 00:00:00
openjdk-6 - several
2011-12-05 00:00:00
centos
centos
java security update
2011-06-13 14:03:30
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2011-11-05 00:00:00
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2011
2011-12-15 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.3

Confidence

High

EPSS

0.039

Percentile

92.0%

JSON
Related for OPENVAS:1361412562310902525
openvas42cvelist7prion7cve7ubuntucve8nvd7suse10nessus42securityvulns5veracode3zdi2jvn2redhat5oraclelinux2fedora8ubuntu1debian2osv2centos1gentoo2oracle1