Kaspersky Threats

Описание

Multiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities possibly possibly to cause denial of service, to gain privileges and to obtain sensitive information.

Below is a complete list of vulnerabilities:

An unspecified vulnerability in the Java SE Deployment component can be exploited remotely possibly to gain privileges;
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JNDI component can be exploited remotely possibly to gain privileges;
An unspecified vulnerability in the Java SE Installer component can be exploited locally possibly to gain privileges;
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JMX component can be exploited remotely possibly to loss of integrity and obtain sensitive information;
An unspecified vulnerability in the Java SE, Java SE Embedded JGSS component can be exploited remotely possibly to obtain sensitive information;
An unspecified vulnerability in the Java SE, Java SE Embedded Hotspot component can be exploited remotely possibly to loss of integrity;
An unspecified vulnerability in the Java SE, Java SE Embedded AWT component can be exploited remotely possibly to loss of integrity;
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JCE component can be exploited remotely possibly to obtain sensitive information;
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JGSS component can be exploited remotely possibly to loss of integrity;
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit Libraries component can be exploited remotely possibly to cause denial of service;
An unspecified vulnerability in the Java SE, JRockit Serialization component can be exploited remotely possibly to cause denial of service;
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JNDI component can be exploited remotely possibly to loss of integrity and cause denial of service;
An unspecified vulnerability in the Java SE JavaFX component can be exploited remotely possibly to obtain sensitive information;
An unspecified vulnerability in the Java SE, Java SE Embedded I18n component can be exploited locally possibly to obtain sensitive information, loss of integrity and cause denial of service;
An unspecified vulnerability in the Java SE, Java SE Embedded AWT component can be exploited remotely possibly to cause denial of service;
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit JNDI component can be exploited remotely possibly to cause denial of service;
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit LDAP component can be exploited remotely possibly to obtain sensitive information;
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit Libraries component can be exploited remotely possibly to cause denial of service;
An unspecified vulnerability in the Java Advanced Management Console Server component can be exploited remotely possibly to obtain sensitive information;
An unspecified vulnerability in the Java SE, Java SE Embedded, JRockit Libraries component can be exploited remotely possibly to obtain sensitive information.

Первичный источник обнаружения

Oracle Critical Patch Update Advisory – January 2018

Связанные продукты

Список CVE

CVE-2018-2641
warning
CVE-2018-2581
warning
CVE-2018-2634
warning
CVE-2018-2639
high
CVE-2018-2582
warning
CVE-2018-2602
warning
CVE-2018-2603
warning
CVE-2018-2678
warning
CVE-2018-2657
warning
CVE-2018-2633
high
CVE-2018-2588
warning
CVE-2018-2627
warning
CVE-2018-2637
high
CVE-2018-2618
warning
CVE-2018-2675
warning
CVE-2018-2677
warning
CVE-2018-2629
warning
CVE-2018-2599
high
CVE-2018-2638
high
CVE-2018-2663
warning
CVE-2018-2579
warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!