| VID |
50164 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 6 Update 191. It is, therefore, affected by multiple vulnerabilities related to the following components :
- AWT
- Concurrency
- Hotspot
- Install
- JAXP
- JMX
- Libraries
- RMI
- Security
- Serialization
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/java/javase/10-0-1-relnotes-4308875.html
http://www.oracle.com/technetwork/java/javase/8u171-relnotes-4308888.html
http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html
http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html
* Platforms Affected:
Oracle Java JDK and JRE prior to 6 Update 191
Microsoft Windows Any version |
| Recommendation |
Update to JDK / JRE 6 Update 191 or later and remove if necessary any affected versions
http://www.java.com/en/ |
| Related URL |
CVE-2018-2783,CVE-2018-2790,CVE-2018-2794,CVE-2018-2795,CVE-2018-2796,CVE-2018-2797,CVE-2018-2798,CVE-2018-2799,CVE-2018-2800,CVE-2018-2811 (CVE) |
| Related URL |
103796,103810,103817,103832,103848,103849,103872 (SecurityFocus) |
| Related URL |
(ISS) |
|
