Multiple vulnerabilities in Oracle Java SE

Descripción

Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A vulnerability in Kerberos component can be exploited to bypass security restrictions;
2. A vulnerability in Networking component can be exploited to bypass security restrictions;
3. A vulnerability in Libraries component can be exploited to bypass security restrictions;
4. A vulnerability in JavaFX(libxslt) component can be exploited to bypass security restrictions;
5. A vulnerability in Hotspot component can be exploited to bypass security restrictions;
6. A vulnerability in Scripting component can be exploited to bypass security restrictions;
7. A vulnerability in Javadoc component can be exploited to bypass security restrictions;
8. A vulnerability in Deployment component can be exploited to bypass security restrictions;
9. A vulnerability in 2D component can be exploited to bypass security restrictions;
10. A vulnerability in Concurrency component can be exploited to bypass security restrictions;
11. A vulnerability in JAXP component can be exploited to bypass security restrictions;
12. A vulnerability in Security component can be exploited to bypass security restrictions;
13. A vulnerability in Serialization component can be exploited to bypass security restrictions;

Notas informativas originales

• Oracle Java SE Risk Matrix

Explotación

Public exploits exist for this vulnerability.

Productos relacionados

• Oracle-Java-JRE-1.7.x
• Oracle-Java-JDK-1.7.x
• Oracle-Java-JDK-1.8.x
• Oracle-Java-JRE-1.8.x
• Oracle-Java-JRE-1.9.x
• Oracle-Java-JRE-1.10.x

Lista CVE

• CVE-2019-2949
  high
• CVE-2019-2989
  high
• CVE-2019-2958
  high
• CVE-2019-11068
  critical
• CVE-2019-2977
  warning
• CVE-2019-2975
  warning
• CVE-2019-2999
  warning
• CVE-2019-2996
  warning
• CVE-2019-2987
  warning
• CVE-2019-2962
  warning
• CVE-2019-2988
  warning
• CVE-2019-2992
  warning
• CVE-2019-2964
  warning
• CVE-2019-2973
  warning
• CVE-2019-2981
  warning
• CVE-2019-2978
  warning
• CVE-2019-2894
  warning
• CVE-2019-2983
  warning
• CVE-2019-2933
  warning
• CVE-2019-2945
  warning

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com