KLA11867
Multiple vulnerabilities in Oracle Java SE
Обновлено: 21/07/2020
Дата обнаружения
14/07/2020
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

  1. Vulnerability in Hotspot component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  2. Vulnerability in Libraries component of Java SE, Java SE Embedded can be exploited to cause denial of service;
  3. Vulnerability in JAXP component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  4. Vulnerability in 2D component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  5. Vulnerability in Libraries component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  6. Vulnerability in JavaFX component of Java SE can be exploited to obtain sensitive information;
  7. Vulnerability in JSSE component of Java SE, Java SE Embedded can be exploited to obtain sensitive information;
  8. Vulnerability in ImageIO component of Java SE can be exploited to cause denial of service.
Пораженные продукты

Java SE: 7u261, 8u251, 11.0.7, 14.0.1;
Java SE Embedded: 8u251

Решение

Update to the latest version
Download Java

Первичный источник обнаружения
Oracle Critical Patch Update Advisory - July 2020
Оказываемое влияние
?
OSI 
[?]

DoS 
[?]
Связанные продукты
Oracle Java JRE 1.7.x
Oracle Java JRE 1.8.x
Oracle Java JRE 1.10.x
CVE-IDS
CVE-2020-145730.0Unknown
CVE-2020-145790.0Unknown
CVE-2020-146210.0Unknown
CVE-2020-145930.0Unknown
CVE-2020-145810.0Unknown
CVE-2020-145830.0Unknown
CVE-2020-145780.0Unknown
CVE-2020-145560.0Unknown
CVE-2020-146640.0Unknown
CVE-2020-145770.0Unknown
CVE-2020-145620.0Unknown