This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 2017-10-19
Product Jrockit Last view 2017-10-19
Version r28.3.15 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:oracle:jrockit

Activity : Overall

Related : CVE

  Date Alert Description
5.3 2017-10-19 CVE-2017-10355

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

3.1 2017-10-19 CVE-2017-10345

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).

4 2017-10-19 CVE-2017-10295

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.0 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).

5.3 2017-10-19 CVE-2017-10281

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-12-26 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-936.nasl - Type: ACT_GATHER_INFO
2017-12-18 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1331.nasl - Type: ACT_GATHER_INFO
2017-12-18 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1330.nasl - Type: ACT_GATHER_INFO
2017-12-15 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-3453.nasl - Type: ACT_GATHER_INFO
2017-12-08 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-3392.nasl - Type: ACT_GATHER_INFO
2017-12-07 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-3392.nasl - Type: ACT_GATHER_INFO
2017-12-07 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3392.nasl - Type: ACT_GATHER_INFO
2017-12-07 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-3392.nasl - Type: ACT_GATHER_INFO
2017-12-07 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20171206_java_1_7_0_openjdk_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2017-11-29 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3497-1.nasl - Type: ACT_GATHER_INFO
2017-11-29 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-3268.nasl - Type: ACT_GATHER_INFO
2017-11-29 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-3267.nasl - Type: ACT_GATHER_INFO
2017-11-28 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-3264.nasl - Type: ACT_GATHER_INFO
2017-11-27 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4048.nasl - Type: ACT_GATHER_INFO
2017-11-27 Name: The remote Debian host is missing a security update.
File: debian_DLA-1187.nasl - Type: ACT_GATHER_INFO
2017-11-20 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201711-14.nasl - Type: ACT_GATHER_INFO
2017-11-16 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-2998.nasl - Type: ACT_GATHER_INFO
2017-11-13 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-2989-1.nasl - Type: ACT_GATHER_INFO
2017-11-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-1269.nasl - Type: ACT_GATHER_INFO
2017-11-09 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3473-1.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4015.nasl - Type: ACT_GATHER_INFO
2017-11-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1255.nasl - Type: ACT_GATHER_INFO
2017-11-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1254.nasl - Type: ACT_GATHER_INFO
2017-10-30 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201710-31.nasl - Type: ACT_GATHER_INFO
2017-10-27 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-917.nasl - Type: ACT_GATHER_INFO