KLA11403
Multiple vulnerabilities in Oracle Java SE
Обновлено: 26/06/2019
Дата обнаружения
15/01/2019
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A divide by zero vulnerability in libjpeg (ImageIO component) can be exploited remotely to cause denial of service;
  2. A vulnerability in Networking component can be exploited remotely to obtain sensitive information;
  3. A vulnerability in Deployment component can be exploited remotely to cause denial of service;
  4. A vulnerability in Libraries component can be exploited remotely to obtain sensitive information;
Пораженные продукты

Oracle Java JRE 1.8.x earlier than 8u201

Решение

Update to the latest version

Первичный источник обнаружения
Oracle Critical Patch Update Advisory - January 2019
Оказываемое влияние
?
OSI 
[?]

DoS 
[?]
Связанные продукты
Oracle Java JRE 1.7.x
Oracle Java JRE 1.8.x
CVE-IDS
CVE-2018-112125.3High
CVE-2019-24263.7Warning
CVE-2019-24493.1Warning
CVE-2019-24223.1Warning