This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 2011-10-19
Product Javafx Last view 2015-10-21
Version 2 Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:oracle:javafx:2.0:*:*:*:*:*:*:* 46
cpe:2.3:a:oracle:javafx:1.2:*:*:*:*:*:*:* 45
cpe:2.3:a:oracle:javafx:1.3.0:*:*:*:*:*:*:* 45
cpe:2.3:a:oracle:javafx:1.2.2:*:*:*:*:*:*:* 45
cpe:2.3:a:oracle:javafx:2.0.2:*:*:*:*:*:*:* 44
cpe:2.3:a:oracle:javafx:1.2.3:*:*:*:*:*:*:* 44
cpe:2.3:a:oracle:javafx:1.3.1:*:*:*:*:*:*:* 44
cpe:2.3:a:oracle:javafx:2.0.3:*:*:*:*:*:*:* 42
cpe:2.3:a:oracle:javafx:2.1:*:*:*:*:*:*:* 42
cpe:2.3:a:oracle:javafx:2.2:*:*:*:*:*:*:* 41
cpe:2.3:a:oracle:javafx:2.2.4:*:*:*:*:*:*:* 36
cpe:2.3:a:oracle:javafx:2.2.3:*:*:*:*:*:*:* 36
cpe:2.3:a:oracle:javafx:2.2.7:*:*:*:*:*:*:* 23
cpe:2.3:a:oracle:javafx:2.2.5:*:*:*:*:*:*:* 23
cpe:2.3:a:oracle:javafx:2.2.21:*:*:*:*:*:*:* 11
cpe:2.3:a:oracle:javafx:2.2.45:*:*:*:*:*:*:* 4
cpe:2.3:a:oracle:javafx:2.2.51:*:*:*:*:*:*:* 4
cpe:2.3:a:oracle:javafx:2.2.76:*:*:*:*:*:*:* 4
cpe:2.3:a:oracle:javafx:2.2.80:*:*:*:*:*:*:* 3
cpe:2.3:a:oracle:javafx:2.2.85:*:*:*:*:*:*:* 3

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5 2015-10-21 CVE-2015-4916

Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4908.

5 2015-10-21 CVE-2015-4908

Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4916.

5 2015-10-21 CVE-2015-4906

Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX, a different vulnerability than CVE-2015-4908 and CVE-2015-4916.

10 2015-07-16 CVE-2015-2638

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

5 2015-07-16 CVE-2015-2637

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.

5 2015-07-16 CVE-2015-2619

Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.

9.3 2015-04-16 CVE-2015-0492

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.

10 2015-04-16 CVE-2015-0491

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.

6.8 2015-04-16 CVE-2015-0484

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492.

10 2015-04-16 CVE-2015-0459

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.

6.8 2014-04-15 CVE-2014-2422

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and JavaFX 2.2.51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10 2014-04-15 CVE-2014-2421

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

5 2014-04-15 CVE-2014-2401

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D.

3.5 2014-04-15 CVE-2014-2398

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.

9.3 2014-01-15 CVE-2014-0417

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embedded 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

4.3 2014-01-15 CVE-2014-0382

Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX.

5 2014-01-15 CVE-2013-5895

Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.

6.8 2014-01-15 CVE-2013-5870

Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.

2.6 2013-10-16 CVE-2013-5854

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality via unknown vectors.

5 2013-10-16 CVE-2013-5848

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.

9.3 2013-10-16 CVE-2013-5846

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, and JavaFX 2.2.40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.

9.3 2013-10-16 CVE-2013-5844

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.

10 2013-10-16 CVE-2013-5843

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

9.3 2013-10-16 CVE-2013-5810

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

3.5 2013-10-16 CVE-2013-5797

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:19337 HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:14291 Unspecified vulnerability in the Java Runtime Environment component in Oracle...
oval:org.mitre.oval:def:22009 RHSA-2011:1384: java-1.6.0-sun security update (Critical)
oval:org.mitre.oval:def:20940 RHSA-2012:0034: java-1.6.0-ibm security update (Critical)
oval:org.mitre.oval:def:19361 HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:14274 Unspecified vulnerability in the Java Runtime Environment component in Oracle...
oval:org.mitre.oval:def:23332 ELSA-2011:1384: java-1.6.0-sun security update (Critical)
oval:org.mitre.oval:def:23157 ELSA-2012:0034: java-1.6.0-ibm security update (Critical)
oval:org.mitre.oval:def:23119 DEPRECATED: ELSA-2011:1384: java-1.6.0-sun security update (Critical)
oval:org.mitre.oval:def:22859 DEPRECATED: ELSA-2012:0034: java-1.6.0-ibm security update (Critical)
oval:org.mitre.oval:def:19800 HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:14878 Unspecified vulnerability in the Java Runtime Environment (JRE) component in ...
oval:org.mitre.oval:def:19583 HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:14844 Unspecified vulnerability in the Java Runtime Environment (JRE) component in ...
oval:org.mitre.oval:def:19868 HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:16502 Unspecified vulnerability in the Java Runtime Environment (JRE) component in ...
oval:org.mitre.oval:def:19411 HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:16546 Unspecified vulnerability in the Java Runtime Environment (JRE) component in ...
oval:org.mitre.oval:def:16308 Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2....
oval:org.mitre.oval:def:16221 Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2....
oval:org.mitre.oval:def:15827 Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2....
oval:org.mitre.oval:def:19917 HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:16544 Unspecified vulnerability in the Java Runtime Environment (JRE) component in ...
oval:org.mitre.oval:def:16673 Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2....
oval:org.mitre.oval:def:16180 Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2....

SAINT Exploits

Description Link
Java Web Start initial heap size command injection More info here

Open Source Vulnerability Database (OSVDB)

id Description
76513 Oracle Java SE JRE Deployment Component Unspecified Remote Information Disclo...
76509 Oracle Java SE JRE Deployment Component Unspecified Remote Issue (2011-3546)

ExploitDB Exploits

id Description
26123 Java Web Start Double Quote Injection Remote Code Execution

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-13 Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:0828-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_0828_1.nasl
2012-10-29 Name : Ubuntu Update for openjdk-7 USN-1619-1
File : nvt/gb_ubuntu_USN_1619_1.nasl
2012-10-19 Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 oct12 (Windows)
File : nvt/gb_oracle_java_se_mult_vuln02_oct12_win.nasl
2012-09-06 Name : Ubuntu Update for icedtea-web USN-1505-2
File : nvt/gb_ubuntu_USN_1505_2.nasl
2012-08-30 Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9590
File : nvt/gb_fedora_2012_9590_java-1.7.0-openjdk_fc17.nasl
2012-08-22 Name : Oracle Java SE Java Runtime Environment Multiple Unspecified Vulnerabilities ...
File : nvt/gb_oracle_java_se_mult_unspecified_vuln_aug12_win.nasl
2012-08-10 Name : Debian Security Advisory DSA 2507-1 (openjdk-6)
File : nvt/deb_2507_1.nasl
2012-08-03 Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:095 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2012_095.nasl
2012-07-30 Name : CentOS Update for java CESA-2012:0729 centos6
File : nvt/gb_CESA-2012_0729_java_centos6.nasl
2012-07-30 Name : CentOS Update for java CESA-2012:0730 centos5
File : nvt/gb_CESA-2012_0730_java_centos5.nasl
2012-07-30 Name : CentOS Update for java CESA-2012:1009 centos6
File : nvt/gb_CESA-2012_1009_java_centos6.nasl
2012-07-16 Name : Ubuntu Update for openjdk-6 USN-1505-1
File : nvt/gb_ubuntu_USN_1505_1.nasl
2012-06-22 Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1009-01
File : nvt/gb_RHSA-2012_1009-01_java-1.7.0-openjdk.nasl
2012-06-19 Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-9593
File : nvt/gb_fedora_2012_9593_java-1.7.0-openjdk_fc16.nasl
2012-06-19 Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9541
File : nvt/gb_fedora_2012_9541_java-1.6.0-openjdk_fc15.nasl
2012-06-19 Name : Fedora Update for java-1.6.0-openjdk FEDORA-2012-9545
File : nvt/gb_fedora_2012_9545_java-1.6.0-openjdk_fc16.nasl
2012-06-15 Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0730-01
File : nvt/gb_RHSA-2012_0730-01_java-1.6.0-openjdk.nasl
2012-06-15 Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:0729-01
File : nvt/gb_RHSA-2012_0729-01_java-1.6.0-openjdk.nasl
2012-04-09 Name : Java Runtime Environment Multiple Vulnerabilities (MAC OS X)
File : nvt/gb_jre_mult_vuln_macosx.nasl
2012-02-21 Name : Oracle Java SE JRE Multiple Vulnerabilities - February 2012 (Windows - 01)
File : nvt/gb_oracle_java_se_mult_vuln_feb12_win_01.nasl
2012-02-21 Name : Oracle Java SE JRE Multiple Vulnerabilities - February 2012 (Windows - 02)
File : nvt/gb_oracle_java_se_mult_vuln_feb12_win_02.nasl
2012-02-21 Name : Oracle Java SE JDK Multiple Vulnerabilities - February 2012 (Windows - 02)
File : nvt/gb_oracle_java_se_jdk_mult_vuln_feb12_win_02.nasl
2012-02-21 Name : Oracle Java SE JDK Multiple Vulnerabilities - February 2012 (Windows - 01)
File : nvt/gb_oracle_java_se_jdk_mult_vuln_feb12_win_01.nasl
2012-02-21 Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:021 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2012_021.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201111-02 (sun-jre-bin sun-jdk emul-linux-x86-j...
File : nvt/glsa_201111_02.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0158 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0061089
2014-A-0056 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0049583
2014-B-0019 Multiple Vulnerabilities in Apache Tomcat
Severity: Category I - VMSKEY: V0044527
2014-A-0010 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0043398
2013-A-0191 Multiple Vulnerabilities in Java for Mac OS X
Severity: Category I - VMSKEY: V0040779
2013-A-0200 Multiple Vulnerabilities in Oracle Java
Severity: Category I - VMSKEY: V0040783
2012-A-0153 Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0033884
2012-A-0146 Multiple Vulnerabilities in VMware vCenter Update Manager 4.1
Severity: Category I - VMSKEY: V0033792
2012-A-0147 Multiple Vulnerabilities in VMware vCenter Server 4.1
Severity: Category I - VMSKEY: V0033793
2012-A-0148 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0033794
2012-A-0048 Multiple Vulnerabilities in VMware vCenter Update Manager 5.0
Severity: Category I - VMSKEY: V0031901

Snort® IPS/IDS

Date Description
2014-11-16 Oracle Java Web Start arbitrary command execution attempt
RuleID : 31946 - Type : FILE-JAVA - Revision : 2
2014-01-10 Oracle Javadoc generated frame replacement attempt
RuleID : 26994 - Type : BROWSER-PLUGINS - Revision : 4
2014-01-10 Oracle Java Runtime true type font idef opcode heap buffer overflow attempt
RuleID : 24915 - Type : FILE-JAVA - Revision : 8
2014-01-10 Oracle Java Runtime true type font idef opcode heap buffer overflow attempt
RuleID : 24701 - Type : FILE-JAVA - Revision : 12
2014-01-10 Phoenix exploit kit post-compromise behavior
RuleID : 21860 - Type : MALWARE-CNC - Revision : 5
2014-01-10 Phoenix exploit kit landing page
RuleID : 21640 - Type : EXPLOIT-KIT - Revision : 6
2014-01-10 Oracle Java Web Start arbitrary command execution attempt
RuleID : 21481 - Type : FILE-JAVA - Revision : 14
2014-01-10 Oracle Java Web Start arbitrary command execution attempt
RuleID : 16585 - Type : WEB-CLIENT - Revision : 5

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2016-03-14 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201603-11.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote VMware ESX / ESXi host is missing a security-related patch.
File: vmware_esx_VMSA-2013-0003_remote.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote VMware ESX / ESXi host is missing a security-related patch.
File: vmware_esx_VMSA-2013-0012_remote.nasl - Type: ACT_GATHER_INFO
2016-03-03 Name: The remote VMware ESXi / ESX host is missing a security-related patch.
File: vmware_VMSA-2012-0005_remote.nasl - Type: ACT_GATHER_INFO
2016-02-03 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-106.nasl - Type: ACT_GATHER_INFO
2016-01-14 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-0113-1.nasl - Type: ACT_GATHER_INFO
2015-12-16 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_a5934ba8a37611e585e914dae9d210b8.nasl - Type: ACT_GATHER_INFO
2015-12-16 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-2168-2.nasl - Type: ACT_GATHER_INFO
2015-12-09 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-2216-1.nasl - Type: ACT_GATHER_INFO
2015-12-04 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-2182-1.nasl - Type: ACT_GATHER_INFO
2015-12-03 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-2166-1.nasl - Type: ACT_GATHER_INFO
2015-12-03 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-2168-1.nasl - Type: ACT_GATHER_INFO
2015-11-05 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2015-696.nasl - Type: ACT_GATHER_INFO
2015-10-23 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2015-1926.nasl - Type: ACT_GATHER_INFO
2015-10-22 Name: The remote Windows host contains a programming platform that is affected by m...
File: oracle_java_cpu_oct_2015.nasl - Type: ACT_GATHER_INFO
2015-10-22 Name: The remote Unix host contains a programming platform that is affected by mult...
File: oracle_java_cpu_oct_2015_unix.nasl - Type: ACT_GATHER_INFO
2015-09-09 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-1509-1.nasl - Type: ACT_GATHER_INFO
2015-08-17 Name: The remote AIX host has a version of Java SDK installed that is affected by m...
File: aix_java_july2015_advisory.nasl - Type: ACT_GATHER_INFO
2015-08-13 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2015-1604.nasl - Type: ACT_GATHER_INFO
2015-08-13 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-1375-1.nasl - Type: ACT_GATHER_INFO
2015-08-05 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2015-1544.nasl - Type: ACT_GATHER_INFO
2015-08-04 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-1329-1.nasl - Type: ACT_GATHER_INFO
2015-08-04 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-1331-1.nasl - Type: ACT_GATHER_INFO
2015-07-31 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-1319-1.nasl - Type: ACT_GATHER_INFO
2015-07-31 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2015-1320-1.nasl - Type: ACT_GATHER_INFO