Lucene search
XOR19ZDI-17-056HistoryJan 24, 2017 - 12:00 a.m.
Oracle Java AtomicReferenceFieldUpdater Type Confusion Remote Code Execution Vulnerability
2017-01-2400:00:00
XOR19
www.zerodayinitiative.com
30
0.004 Low
EPSS
Percentile
74.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AtomicReferenceFieldUpdater class. Due to insufficient type checking involving this class, it is possible for untrusted code to gain access to privileged methods and properties. An attacker can leverage this vulnerability to execute code under the context of the process.
Related
veracode
veracode
Privilege Escalation
2019-05-02 06:09:32
nvd
nvd
CVE-2017-3272
2017-01-27 22:59:03
zdt
zdt
cve
cve
CVE-2017-3272
2017-01-27 22:59:03
prion
prion
Code injection
2017-01-27 22:59:00
ubuntucve
ubuntucve
CVE-2017-3272
2017-01-19 00:00:00
debiancve
debiancve
CVE-2017-3272
2017-01-27 22:59:03
cvelist
cvelist
CVE-2017-3272
2017-01-27 22:01:00
ibm
ibm
openvas
openvas
Ubuntu: Security Advisory (USN-3198-1)
2017-02-16 00:00:00
Oracle Java SE Security Updates (jan2017-2881727) 01 - Windows
2017-01-18 00:00:00
Oracle Java SE Security Updates (jan2017-2881727) 01 - Linux
2017-01-18 00:00:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2017-02-16 00:00:00
OpenJDK 7 vulnerabilities
2017-02-09 00:00:00
OpenJDK 8 vulnerabilities
2017-01-25 00:00:00
nessus
nessus
Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-3198-1)
2017-02-16 00:00:00
RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2017:0177)
2017-01-20 00:00:00
RHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2017:0180)
2017-01-23 00:00:00
oraclelinux
oraclelinux
java-1.8.0-openjdk security update
2017-01-20 00:00:00
java-1.7.0-openjdk security update
2017-02-13 00:00:00
redhat
redhat
(RHSA-2017:0177) Critical: java-1.6.0-sun security update
2017-01-19 13:46:26
(RHSA-2017:0338) Critical: java-1.6.0-ibm security update
2017-02-28 00:00:00
(RHSA-2017:0269) Critical: java-1.7.0-openjdk security update
2017-02-13 00:00:00
f5
f5
K15518610 : Multiple OpenJDK vulnerabilities
2017-05-22 00:00:00
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerabilities
2017-02-05 23:42:41
centos
centos
java security update
2017-02-13 17:16:15
java security update
2017-01-21 15:53:44
osv
osv
openjdk-7 - security update
2017-02-08 00:00:00
openjdk-7 - security update
2017-02-11 00:00:00
amazon
amazon
Critical: java-1.7.0-openjdk
2017-02-14 12:00:00
Critical: java-1.8.0-openjdk
2017-01-26 18:00:00
debian
debian
[SECURITY] [DLA 821-1] openjdk-7 security update
2017-02-11 00:38:57
[SECURITY] [DSA 3782-1] openjdk-7 security update
2017-02-08 18:15:02
suse
suse
Security update for java-1_8_0-ibm (important)
2017-02-14 21:08:09
Security update for java-1_8_0-openjdk (important)
2017-02-03 12:07:24
Security update for java-1_8_0-openjdk (important)
2017-01-31 21:11:53
aix
aix
There are multiple vulnerabilities in IBM SDK Java Technology Edition
2017-04-05 23:21:06
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2017-01-25 00:00:00
IcedTea: Multiple vulnerabilities
2017-07-05 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2017
2017-01-17 00:00:00