This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 2012-02-15
Product Jdk Last view 2017-12-29
Version 1.7.0 Type Application
Update update_60  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:oracle:jdk

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.3 2017-12-29 CVE-2013-4578

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.

2.6 2014-10-15 CVE-2014-6558

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security.

4.3 2014-10-15 CVE-2014-6531

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries.

5 2014-10-15 CVE-2014-6519

Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Hotspot.

5 2014-10-15 CVE-2014-6517

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.

10 2014-10-15 CVE-2014-6513

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.

4.3 2014-10-15 CVE-2014-6512

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries.

6.8 2014-10-15 CVE-2014-6506

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

5 2014-10-15 CVE-2014-6504

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot.

2.6 2014-10-15 CVE-2014-6502

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries.

4 2014-10-15 CVE-2014-6457

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.

5 2014-07-17 CVE-2014-4268

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing.

5 2014-07-17 CVE-2014-4266

Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability.

5 2014-07-17 CVE-2014-4265

Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment.

5 2014-07-17 CVE-2014-4264

Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect availability via unknown vectors related to Security.

4 2014-07-17 CVE-2014-4263

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."

9.3 2014-07-17 CVE-2014-4262

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

5 2014-07-17 CVE-2014-4252

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Security.

4 2014-07-17 CVE-2014-4244

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.

10 2014-07-17 CVE-2014-4227

Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

9.3 2014-07-17 CVE-2014-4223

Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-2483.

4.3 2014-07-17 CVE-2014-4221

Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.

5 2014-07-17 CVE-2014-4220

Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4208.

9.3 2014-07-17 CVE-2014-4219

Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

5 2014-07-17 CVE-2014-4218

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.

CWE : Common Weakness Enumeration

%idName
33% (1) CWE-310 Cryptographic Issues
33% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
33% (1) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')

SAINT Exploits

Description Link
Java JAX-WS gmbal package sandbox breach More info here
Java JAX-WS statistics.impl package sandbox breach More info here
Oracle Java java.awt.image.ByteComponentRaster Overflow More info here
Oracle Java Runtime Hotspot Bytecode Verifier Type Confusion More info here
Oracle Java Runtime Environment AWT storeImageArray Vulnerability More info here
Java Runtime Environment Hotspot final field vulnerability More info here
Java Runtime Environment java.awt.image.IntegerComponentRaster buffer overflow More info here
Java Runtime Environment Color Management memory overwrite More info here
Oracle Java findMethod findClass Security Bypass More info here
Oracle Java Serviceability Subcomponent ProviderSkeleton Class Vulnerability More info here

ExploitDB Exploits

id Description
28050 Oracle Java lookUpByteBI - Heap Buffer Overflow
27705 Java storeImageArray() Invalid Array Indexing Vulnerability
26529 Java Applet ProviderSkeleton Insecure Invoke Method
24966 Java Web Start Launcher ActiveX Control - Memory Corruption
24904 Java CMM Remote Code Execution
24309 Java Applet AverageRangeStatisticImpl Remote Code Execution
24308 Java Applet Method Handle Remote Code Execution
22657 Java Applet JAX-WS Remote Code Execution
19717 Java Applet Field Bytecode Verifier Cache Remote Code Execution

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-13 Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1424-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_1424_1.nasl
2012-12-13 Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1423-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_1423_1.nasl
2012-12-13 Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1175-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_1175_1.nasl
2012-12-13 Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:0828-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_0828_1.nasl
2012-12-04 Name : Oracle Java SE 'MurmurHash' Algorithm Hash Collision DoS Vulnerability (Windows)
File : nvt/gb_oracle_java_se_murmurhash_dos_vuln_win.nasl
2012-11-02 Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:169 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2012_169.nasl
2012-10-29 Name : Ubuntu Update for openjdk-7 USN-1619-1
File : nvt/gb_ubuntu_USN_1619_1.nasl
2012-10-19 Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1384-01
File : nvt/gb_RHSA-2012_1384-01_java-1.6.0-openjdk.nasl
2012-10-19 Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Oct (Windows)
File : nvt/gb_oracle_java_se_mult_vuln01_oct12_win.nasl
2012-10-19 Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 oct12 (Windows)
File : nvt/gb_oracle_java_se_mult_vuln02_oct12_win.nasl
2012-10-19 Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 oct12 (Windows)
File : nvt/gb_oracle_java_se_mult_vuln03_oct12_win.nasl
2012-10-19 Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-04 oct12 (Windows)
File : nvt/gb_oracle_java_se_mult_vuln04_oct12_win.nasl
2012-10-19 Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16351
File : nvt/gb_fedora_2012_16351_java-1.7.0-openjdk_fc16.nasl
2012-10-19 Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16346
File : nvt/gb_fedora_2012_16346_java-1.7.0-openjdk_fc17.nasl
2012-10-19 Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1386-01
File : nvt/gb_RHSA-2012_1386-01_java-1.7.0-openjdk.nasl
2012-10-19 Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1385-01
File : nvt/gb_RHSA-2012_1385-01_java-1.6.0-openjdk.nasl
2012-10-19 Name : CentOS Update for java CESA-2012:1386 centos6
File : nvt/gb_CESA-2012_1386_java_centos6.nasl
2012-10-19 Name : CentOS Update for java CESA-2012:1385 centos5
File : nvt/gb_CESA-2012_1385_java_centos5.nasl
2012-10-19 Name : CentOS Update for java CESA-2012:1384 centos6
File : nvt/gb_CESA-2012_1384_java_centos6.nasl
2012-10-09 Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:150-1 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2012_150_1.nasl
2012-09-21 Name : Java for Mac OS X 10.6 Update 10
File : nvt/gb_macosx_java_10_6_upd_10.nasl
2012-09-06 Name : Ubuntu Update for icedtea-web USN-1505-2
File : nvt/gb_ubuntu_USN_1505_2.nasl
2012-09-04 Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1223-01
File : nvt/gb_RHSA-2012_1223-01_java-1.7.0-openjdk.nasl
2012-09-04 Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1222-01
File : nvt/gb_RHSA-2012_1222-01_java-1.6.0-openjdk.nasl
2012-09-04 Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1221-01
File : nvt/gb_RHSA-2012_1221-01_java-1.6.0-openjdk.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0007 Multiple Vulnerabilities in Juniper Secure Analytics (JSA) and Security Threa...
Severity: Category I - VMSKEY: V0058213
2014-A-0105 Multiple Vulnerabilities in Oracle Java
Severity: Category I - VMSKEY: V0053191
2014-B-0019 Multiple Vulnerabilities in Apache Tomcat
Severity: Category I - VMSKEY: V0044527
2013-A-0191 Multiple Vulnerabilities in Java for Mac OS X
Severity: Category I - VMSKEY: V0040779
2013-A-0200 Multiple Vulnerabilities in Oracle Java
Severity: Category I - VMSKEY: V0040783
2012-A-0153 Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0033884
2012-A-0146 Multiple Vulnerabilities in VMware vCenter Update Manager 4.1
Severity: Category I - VMSKEY: V0033792
2012-A-0147 Multiple Vulnerabilities in VMware vCenter Server 4.1
Severity: Category I - VMSKEY: V0033793
2012-A-0148 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0033794

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-07-23 Oracle Java AtomicReferenceFieldUpdater remote code execution attempt
RuleID : 50460 - Type : FILE-JAVA - Revision : 1
2019-07-23 Oracle Java AtomicReferenceFieldUpdater remote code execution attempt
RuleID : 50459 - Type : FILE-JAVA - Revision : 1
2019-05-21 Oracle Java privileged protection domain exploitation attempt
RuleID : 49846 - Type : FILE-JAVA - Revision : 1
2019-05-21 Oracle Java privileged protection domain exploitation attempt
RuleID : 49845 - Type : FILE-JAVA - Revision : 1
2019-03-26 Oracle Java ImagingLib buffer overflow attempt
RuleID : 49256 - Type : FILE-JAVA - Revision : 1
2019-03-26 Oracle Java ImagingLib buffer overflow attempt
RuleID : 49255 - Type : FILE-JAVA - Revision : 1
2019-03-12 Oracle Java JPEGImageWriter memory corruption attempt
RuleID : 49117 - Type : FILE-JAVA - Revision : 1
2019-03-12 Oracle Java JPEGImageWriter memory corruption attempt
RuleID : 49116 - Type : FILE-JAVA - Revision : 1
2018-04-05 limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt
RuleID : 45830 - Type : SERVER-OTHER - Revision : 1
2018-01-17 limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt
RuleID : 45201 - Type : SERVER-OTHER - Revision : 2
2018-01-17 limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt
RuleID : 45200 - Type : SERVER-OTHER - Revision : 2
2018-01-17 limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt
RuleID : 45199 - Type : SERVER-OTHER - Revision : 2
2016-07-28 Oracle Java RangeStatisticImpl sandbox breach attempt
RuleID : 39355 - Type : FILE-JAVA - Revision : 1
2016-07-28 Oracle Java RangeStatisticImpl sandbox breach attempt
RuleID : 39354 - Type : FILE-JAVA - Revision : 1
2016-04-26 Oracle Java Class Loader namespace sandbox bypass attempt
RuleID : 38339 - Type : FILE-JAVA - Revision : 2
2016-04-26 Oracle Java Class Loader namespace sandbox bypass attempt
RuleID : 38338 - Type : FILE-JAVA - Revision : 2
2016-03-24 Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt
RuleID : 37821 - Type : FILE-JAVA - Revision : 1
2016-03-24 Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt
RuleID : 37820 - Type : FILE-JAVA - Revision : 1
2016-03-24 Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt
RuleID : 37819 - Type : FILE-JAVA - Revision : 1
2016-03-24 Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt
RuleID : 37818 - Type : FILE-JAVA - Revision : 1
2016-03-22 Oracle Java IntegerInterleavedRaster integer overflow attempt
RuleID : 37805 - Type : FILE-JAVA - Revision : 3
2016-03-22 Oracle Java IntegerInterleavedRaster integer overflow attempt
RuleID : 37804 - Type : FILE-JAVA - Revision : 4
2016-03-22 Oracle Java IntegerInterleavedRaster integer overflow attempt
RuleID : 37803 - Type : FILE-JAVA - Revision : 2
2016-03-22 Oracle Java IntegerInterleavedRaster integer overflow attempt
RuleID : 37802 - Type : FILE-JAVA - Revision : 2
2015-04-30 Nuclear exploit kit obfuscated file download
RuleID : 33983 - Type : EXPLOIT-KIT - Revision : 4

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2016-06-10 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL48802597.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote VMware ESX / ESXi host is missing a security-related patch.
File: vmware_esx_VMSA-2013-0003_remote.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote VMware ESX / ESXi host is missing a security-related patch.
File: vmware_esx_VMSA-2013-0012_remote.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2012-1489-1.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2012-1489-2.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2012-1490-1.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2013-1256-1.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2013-1669-1.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2014-1422-1.nasl - Type: ACT_GATHER_INFO
2015-05-15 Name: The remote Debian host is missing a security update.
File: debian_DLA-219.nasl - Type: ACT_GATHER_INFO
2015-03-26 Name: The remote Debian host is missing a security update.
File: debian_DLA-96.nasl - Type: ACT_GATHER_INFO
2015-03-17 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3187.nasl - Type: ACT_GATHER_INFO
2015-03-17 Name: The remote application server is affected by multiple vulnerabilities.
File: websphere_7_0_0_37.nasl - Type: ACT_GATHER_INFO
2015-03-12 Name: The remote host has software installed that is affected by multiple vulnerabi...
File: ibm_rational_clearquest_8_0_1_6.nasl - Type: ACT_GATHER_INFO
2015-03-11 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-2522-3.nasl - Type: ACT_GATHER_INFO
2015-03-09 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-2522-2.nasl - Type: ACT_GATHER_INFO
2015-03-06 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2522-1.nasl - Type: ACT_GATHER_INFO
2015-02-25 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2015-0264.nasl - Type: ACT_GATHER_INFO
2015-02-16 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201502-12.nasl - Type: ACT_GATHER_INFO
2015-01-19 Name: The remote Solaris system is missing a security patch for third-party software.
File: solaris11_tomcat_20140522.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10627.nasl - Type: ACT_GATHER_INFO
2014-12-22 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10659.nasl - Type: ACT_GATHER_INFO
2014-12-16 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2014-772.nasl - Type: ACT_GATHER_INFO
2014-12-16 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2014-773.nasl - Type: ACT_GATHER_INFO
2014-12-12 Name: The remote host has an update manager installed that is affected by multiple ...
File: vmware_vcenter_update_mgr_vmsa-2014-0012.nasl - Type: ACT_GATHER_INFO