| VID |
28284 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 6 Update 22 / 5.0 Update 26 / 1.4.2_28. Such versions are potentially affected by security issue in the following components
- CORBA
- Deployment
- Deployment Toolkit
- Java 2D
- Java Web Start
- JNDI
- JRE
- JSSE
- Kerberos
- Networking
- New Java Plug-in
- Sound
- Swing
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html (Oracle Java CPU Advisory)
* Platforms Affected:
Sun JDK / JRE 6 Update 22
Sun JDK 5.0 Update 26
Sun SDK 1.4.2_28 or later
Microsoft Windows Any version
Linux Any version |
| Recommendation |
Update to JDK / JRE 6 Update 22, JDK 5.0 Update 26, SDK 1.4.2_28 or later and remove if necessary any affected versions. |
| Related URL |
CVE-2009-3555,CVE-2010-1321,CVE-2010-3541,CVE-2010-3548,CVE-2010-3549,CVE-2010-3550,CVE-2010-3551,CVE-2010-3552,CVE-2010-3553 (CVE) |
| Related URL |
43856,43965,43971,43979,43985,43988,43992,43994,43999,44009,44011,44012,44013,44014,44016,44017,44020,44021,44023,44024,44026,44027 (SecurityFocus) |
| Related URL |
(ISS) |
|
