KLA11470
Multiple vulnerabilities in Oracle Java SE
Обновлено: 26/06/2019
Дата обнаружения
16/04/2019
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. Vulnerability in Windows DLL component of Java SE can be exploited remotely to bypass security restrictions;
  2. Vulnerability in Libraries component of Java SE, Java SE Embedded can be exploited remotely to bypass security restrictions;
  3. Vulnerability in RMI component of Java SE, Java SE Embedded can be exploited remotely to bypass security restrictions;
  4. Multiple vulnerabilities in 2D component of Java SE can be exploited remotely to bypass security restrictions.
Пораженные продукты

Java SE: 7u211, 8u202, 11.0.2, 12
Java SE Embedded: 8u201
 

Решение

Update to the latest version

Первичный источник обнаружения
Oracle Critical Patch Update Advisory - April 2019
Оказываемое влияние
?
SB 
[?]
Связанные продукты
Oracle Java JRE 1.8.x
Oracle Java JRE 1.9.x
Oracle Java JRE 1.10.x
CVE-IDS
CVE-2019-26988.1Critical
CVE-2019-26845.9High
CVE-2019-26999.0Critical
CVE-2019-26027.5Critical
CVE-2019-26978.1Critical