| VID |
50279 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 7 Update 241, 8 Update 231, 11 Update 5, or 13 Update 1. It is, therefore, affected by multiple vulnerabilities related to the following components :
- 2D
- Libraries
- Kerberos
- Networking
- JavaFX
- Hotspot
- Scripting
- Javadoc
- Deployment
- Concurrency
- JAXP
- Serialization
- Security
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://www.oracle.com/security-alerts/cpuapr2019.html
* Platforms Affected:
Oracle Java JDK and JRE prior to 8 Update 231
Microsoft Windows Any version |
| Recommendation |
Update to JDK / JRE 8 Update 231 or later and remove if necessary any affected versions
http://www.java.com/en/ |
| Related URL |
CVE-2019-2894,CVE-2019-2933,CVE-2019-2945,CVE-2019-2949,CVE-2019-2958,CVE-2019-2962,CVE-2019-2964,CVE-2019-2973,CVE-2019-2975,CVE-2019-2977 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
