Searching
..

Click anywhere to stop

KLA11178
Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit

Updated: 01/22/2024
Detect date
?
01/16/2018
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities possibly possibly to cause denial of service, to gain privileges and to obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. An unspecified vulnerability in the Java SE Deployment component can be exploited remotely possibly to gain privileges;
  2. An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JNDI component can be exploited remotely possibly to gain privileges;
  3. An unspecified vulnerability in the Java SE Installer component can be exploited locally possibly to gain privileges;
  4. An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JMX component can be exploited remotely possibly to loss of integrity and obtain sensitive information;
  5. An unspecified vulnerability in the Java SE, Java SE Embedded JGSS component can be exploited remotely possibly to obtain sensitive information;
  6. An unspecified vulnerability in the Java SE, Java SE Embedded Hotspot component can be exploited remotely possibly to loss of integrity;
  7. An unspecified vulnerability in the Java SE, Java SE Embedded AWT component can be exploited remotely possibly to loss of integrity;
  8. An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JCE component can be exploited remotely possibly to obtain sensitive information;
  9. An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JGSS component can be exploited remotely possibly to loss of integrity;
  10. An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit Libraries component can be exploited remotely possibly to cause denial of service;
  11. An unspecified vulnerability in the Java SE, JRockit Serialization component can be exploited remotely possibly to cause denial of service;
  12. An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JNDI component can be exploited remotely possibly to loss of integrity and cause denial of service;
  13. An unspecified vulnerability in the Java SE JavaFX component can be exploited remotely possibly to obtain sensitive information;
  14. An unspecified vulnerability in the Java SE, Java SE Embedded I18n component can be exploited locally possibly to obtain sensitive information, loss of integrity and cause denial of service;
  15. An unspecified vulnerability in the Java SE, Java SE Embedded AWT component can be exploited remotely possibly to cause denial of service;
  16. An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JNDI component can be exploited remotely possibly to cause denial of service;
  17. An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit LDAP component can be exploited remotely possibly to obtain sensitive information;
  18. An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit Libraries component can be exploited remotely possibly to cause denial of service;
  19. An unspecified vulnerability in the Java Advanced Management Console Server component can be exploited remotely possibly to obtain sensitive information;
  20. An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit Libraries component can be exploited remotely possibly to obtain sensitive information.
Affected products

Java SE 6 version 6u171 and earlier
Java SE 7 version 7u161 and earlier
Java SE 8 version 8u152 and earlier
Java SE 9 version 9.0.1 and earlier
Java SE Embedded version 8u151 and earlier
JRockit version R28.3.16 and earlier
Java Advanced Management Console version 2.8 and earlier

Solution

Update to the latest version
Oracle software downloads

Original advisories

Oracle Critical Patch Update Advisory – January 2018

Impacts
?
OSI 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]

RLF 
[?]

LoI 
[?]
Related products
Oracle Java JRE 1.7.x
Oracle Java JRE 1.8.x
Oracle JRockit
CVE-IDS
?
CVE-2018-26412.6Warning
CVE-2018-25814.3Warning
CVE-2018-26344.3Warning
CVE-2018-26396.8High
CVE-2018-25824.3Warning
CVE-2018-26023.7Warning
CVE-2018-26035.0Warning
CVE-2018-26784.3Warning
CVE-2018-26575.0Warning
CVE-2018-26335.1High
CVE-2018-25884.0Warning
CVE-2018-26273.7Warning
CVE-2018-26375.8High
CVE-2018-26184.3Warning
CVE-2018-26754.3Warning
CVE-2018-26774.3Warning
CVE-2018-26292.6Warning
CVE-2018-25995.8High
CVE-2018-26385.1High
CVE-2018-26634.3Warning
CVE-2018-25794.3Warning
Find out the statistics of the vulnerabilities spreading in your region