Multiple vulnerabilities in Oracle Java SE

説明

Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Vulnerability in Windows DLL component of Java SE can be exploited remotely to bypass security restrictions;
2. Vulnerability in Libraries component of Java SE, Java SE Embedded can be exploited remotely to bypass security restrictions;
3. Vulnerability in RMI component of Java SE, Java SE Embedded can be exploited remotely to bypass security restrictions;
4. Multiple vulnerabilities in 2D component of Java SE can be exploited remotely to bypass security restrictions.

オリジナルアドバイザリー

• Oracle Critical Patch Update Advisory – April 2019

エクスプロイテーション

Public exploits exist for this vulnerability.

関連製品

• Oracle-Java-JRE-1.8.x
• Oracle-Java-JRE-1.9.x
• Oracle-Java-JRE-1.10.x

CVEリスト

• CVE-2019-2698
  critical
• CVE-2019-2684
  high
• CVE-2019-2699
  critical
• CVE-2019-2602
  critical
• CVE-2019-2697
  critical

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com