| VID |
50188 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 11 Update 1, 8 Update 191, 7 Update 201, or 6 Update 211. It is, therefore, affected by multiple vulnerabilities related to the following components :
- Deployment (libpng)
- Hotspot
- JavaFX
- JNDI
- JSSE
- Networking
- Scripting
- Security
- Serviceability
- Sound
- Utility
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://www.oracle.com/technetwork/java/javase/11-0-1-relnotes-5032023.html
https://www.oracle.com/technetwork/java/javase/8u191-relnotes-5032181.html
https://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html
https://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html
* Platforms Affected:
Oracle Java JDK and JRE prior to 7 Update 201
Microsoft Windows Any version |
| Recommendation |
Update to JDK / JRE 7 Update 201 or later and remove if necessary any affected versions
http://www.java.com/en/ |
| Related URL |
CVE-2018-3136,CVE-2018-3139,CVE-2018-3149,CVE-2018-3150,CVE-2018-3157,CVE-2018-3169,CVE-2018-3180,CVE-2018-3183,CVE-2018-3209,CVE-2018-3211 (CVE) |
| Related URL |
105587,105590,105591,105595,105597,105599,105601,105602,105608,105615,105617,105622 (SecurityFocus) |
| Related URL |
(ISS) |
|
