VID |
50187 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 11 Update 1, 8 Update 191, 7 Update 201, or 6 Update 211. It is, therefore, affected by multiple vulnerabilities related to the following components :
- Deployment (libpng) - Hotspot - JavaFX - JNDI - JSSE - Networking - Scripting - Security - Serviceability - Sound - Utility
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://www.oracle.com/technetwork/java/javase/11-0-1-relnotes-5032023.html https://www.oracle.com/technetwork/java/javase/8u191-relnotes-5032181.html https://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html https://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html
* Platforms Affected: Oracle Java JDK and JRE prior to 6 Update 211 Microsoft Windows Any version |
Recommendation |
Update to JDK / JRE 6 Update 211 or later and remove if necessary any affected versions http://www.java.com/en/ |
Related URL |
CVE-2018-3136,CVE-2018-3139,CVE-2018-3149,CVE-2018-3150,CVE-2018-3157,CVE-2018-3169,CVE-2018-3180,CVE-2018-3183,CVE-2018-3209,CVE-2018-3211 (CVE) |
Related URL |
105587,105590,105591,105595,105597,105599,105601,105602,105608,105615,105617,105622 (SecurityFocus) |
Related URL |
(ISS) |
|