KLA10959
An unspecified vulnerability in Oracle Java SE
Обновлено: 17/06/2019
Дата обнаружения
27/01/2017
Уровень угрозы
Warning
Описание

An unspecified vulnerability was found in Oracle Java SE components. By exploiting this vulnerability malicious users can gain privileges and obtain sensitive information. This vulnerability can be exploited remotely by an unauthenticater attacker having network access via multiple protocols.


Technical details

Vulnerability described above is related to Libraries subcomponent of Java SE and Java SE Embedded components or Oracle Java SE.

This vulnerability is frequently applicable to Java deployments, where clients rely on the security of the Java sandbox and use sandboxed Java applets or sandboxed Java Web Start applications, which load and run untrusted code, for example, code coming from the internet.

Given vulnerability is frequently not applicable to Java deployments, where only trusted code is loaded and run on servers (for example, code provided by an administrator).

Пораженные продукты

Oracle Java SE 6u131
Oracle Java SE 7u121
Oracle Java SE 8u112
Oracle Java SE Embedded 8u111

Решение

Update to the latest versions
Get Java SE

Первичный источник обнаружения
Oracle Critical Patch Update Advisory
Оказываемое влияние
?
OSI 
[?]

PE 
[?]
Связанные продукты
Oracle Java JRE 1.7.x
Oracle Java JDK 1.7.x
Oracle Java JDK 1.8.x
Oracle Java JRE 1.8.x
CVE-IDS
CVE-2016-55484.3Warning