Executive Summary

Informations
NameCVE-2011-3549First vendor Publication2011-10-19
VendorCveLast vendor Modification2013-10-30

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3549

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:19787
 
Oval ID: oval:org.mitre.oval:def:19787
Title: HP-UX Running Java JRE and JDK, Remote Denial of Service (DoS), Unauthorized Modification and Disclosure of Information
Description: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
Family: unix Class: vulnerability
Reference(s): CVE-2011-3549
Version: 6
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13885
 
Oval ID: oval:org.mitre.oval:def:13885
Title: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
Description: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
Family: windows Class: vulnerability
Reference(s): CVE-2011-3549
Version: 7
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Java Development Kit
Java Runtime Environment
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application93
Application90

OpenVAS Exploits

DateDescription
2012-02-12Name : Gentoo Security Advisory GLSA 201111-02 (sun-jre-bin sun-jdk emul-linux-x86-j...
File : nvt/glsa_201111_02.nasl
2011-11-15Name : Oracle Java SE Multiple Vulnerabilities - October 2011 (Windows03)
File : nvt/gb_oracle_java_se_mult_vuln_oct11_win_03.nasl
0000-00-00Name : Java for Mac OS X 10.6 Update 6 And 10.7 Update 1
File : nvt/secpod_macosx_java_10_6_upd_6_and_10_7_upd_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
76501Oracle Java SE JRE Swing Component Unspecified Remote Issue

Information Assurance Vulnerability Management (IAVM)

DateDescription
2012-03-29IAVM : 2012-A-0048 - Multiple Vulnerabilities in VMware vCenter Update Manager 5.0
Severity : Category I - VMSKEY : V0031901

Nessus® Vulnerability Scanner

DateDescription
2014-11-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_java-1_6_0-openjdk-111025.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_java-1_6_0-sun-111024.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_java-1_6_0-openjdk-111025.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_java-1_6_0-sun-111024.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host contains a programming platform that is affected by mult...
File : oracle_java_cpu_oct_2011_unix.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111019_java_1_6_0_sun_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-03-09Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0003.nasl - Type : ACT_GATHER_INFO
2012-02-29Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-120223.nasl - Type : ACT_GATHER_INFO
2012-02-24Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_4_2-ibm-120105.nasl - Type : ACT_GATHER_INFO
2012-01-25Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_4_2-ibm-7908.nasl - Type : ACT_GATHER_INFO
2012-01-24Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_6_0-ibm-7926.nasl - Type : ACT_GATHER_INFO
2012-01-19Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0034.nasl - Type : ACT_GATHER_INFO
2012-01-10Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0006.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_java-1_5_0-ibm-7862.nasl - Type : ACT_GATHER_INFO
2011-11-26Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1478.nasl - Type : ACT_GATHER_INFO
2011-11-09Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_6_update6.nasl - Type : ACT_GATHER_INFO
2011-11-09Name : The remote host has a version of Java that is affected by multiple vulnerabil...
File : macosx_java_10_7_update1.nasl - Type : ACT_GATHER_INFO
2011-11-07Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201111-02.nasl - Type : ACT_GATHER_INFO
2011-10-20Name : The remote Windows host contains a programming platform that is affected by m...
File : oracle_java_cpu_oct_2011.nasl - Type : ACT_GATHER_INFO
2011-10-20Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1384.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/50223
CONFIRMhttp://www.ibm.com/developerworks/java/jdk/alerts/
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
HPhttp://marc.info/?l=bugtraq&m=132750579901589&w=2
http://marc.info/?l=bugtraq&m=132750579901589&w=2
REDHAThttp://rhn.redhat.com/errata/RHSA-2013-1455.html
http://www.redhat.com/support/errata/RHSA-2011-1384.html
http://www.redhat.com/support/errata/RHSA-2011-1478.html
http://www.redhat.com/support/errata/RHSA-2012-0006.html
SECTRACKhttp://www.securitytracker.com/id?1026215
SECUNIAhttp://secunia.com/advisories/48692
http://secunia.com/advisories/49198
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
XFhttp://xforce.iss.net/xforce/xfdb/70844

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
DateInformations
2014-11-08 13:29:52
  • Multiple Updates
2014-06-14 13:31:38
  • Multiple Updates
2014-02-17 11:05:19
  • Multiple Updates
2013-11-11 12:39:36
  • Multiple Updates
2013-10-31 13:19:02
  • Multiple Updates
2013-05-10 23:07:38
  • Multiple Updates
2012-12-06 13:19:42
  • Multiple Updates
2012-11-07 05:20:51
  • Multiple Updates