VID |
50165 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 7 Update 181. It is, therefore, affected by multiple vulnerabilities related to the following components :
- AWT - Concurrency - Hotspot - Install - JAXP - JMX - Libraries - RMI - Security - Serialization
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/java/javase/10-0-1-relnotes-4308875.html http://www.oracle.com/technetwork/java/javase/8u171-relnotes-4308888.html http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html
* Platforms Affected: Oracle Java JDK and JRE prior to 7 Update 181 Microsoft Windows Any version |
Recommendation |
Update to JDK / JRE 7 Update 181 or later and remove if necessary any affected versions http://www.java.com/en/ |
Related URL |
CVE-2018-2783,CVE-2018-2790,CVE-2018-2794,CVE-2018-2795,CVE-2018-2796,CVE-2018-2797,CVE-2018-2798,CVE-2018-2799,CVE-2018-2800,CVE-2018-2811 (CVE) |
Related URL |
103796,103810,103817,103832,103848,103849,103872 (SecurityFocus) |
Related URL |
(ISS) |
|