This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:oracle:jdk:1.7.0:update4
Detail
VendorOracleFirst view 2012-05-03
ProductJdkLast view2017-12-29
Version1.7.0TypeApplication
Edition 
Language 
Updateupdate4 
 
CPE Productcpe:/a:oracle:jdk

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
52017-12-29CVE-2013-4578NetworkLowNone Requ...
2.62013-10-16CVE-2013-5854NetworkHighNone Requ...
7.62013-10-16CVE-2013-5852NetworkHighNone Requ...
52013-10-16CVE-2013-5851NetworkLowNone Requ...
9.32013-10-16CVE-2013-5850NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32013-10-16CVE-2013-5849NetworkMediumNone Requ...
52013-10-16CVE-2013-5848NetworkLowNone Requ...
9.32013-10-16CVE-2013-5846NetworkMediumNone Requ...
9.32013-10-16CVE-2013-5844NetworkMediumNone Requ...
102013-10-16CVE-2013-5843NetworkLowNone Requ...
102013-10-16CVE-2013-5842NetworkLowNone Requ...
52013-10-16CVE-2013-5840NetworkLowNone Requ...
9.32013-10-16CVE-2013-5838NetworkMediumNone Requ...
9.32013-10-16CVE-2013-5832NetworkMediumNone Requ...
52013-10-16CVE-2013-5831NetworkLowNone Requ...
102013-10-16CVE-2013-5830NetworkLowNone Requ...
102013-10-16CVE-2013-5829NetworkLowNone Requ...
52013-10-16CVE-2013-5825NetworkLowNone Requ...
102013-10-16CVE-2013-5824NetworkLowNone Requ...
52013-10-16CVE-2013-5823NetworkLowNone Requ...
52013-10-16CVE-2013-5820NetworkLowNone Requ...
52013-10-16CVE-2013-5819NetworkLowNone Requ...
52013-10-16CVE-2013-5818NetworkLowNone Requ...
102013-10-16CVE-2013-5817NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
40% (2)CWE-264Permissions, Privileges, and Access Controls
20% (1)CWE-310Cryptographic Issues
20% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
20% (1)CWE-74Failure to Sanitize Data into a Different Plane ('Injection')

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:19584HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:16444Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java ...
oval:org.mitre.oval:def:21593RHSA-2012:1384: java-1.6.0-openjdk security update (Critical)
oval:org.mitre.oval:def:21586RHSA-2012:1386: java-1.7.0-openjdk security update (Important)
oval:org.mitre.oval:def:21422RHSA-2012:1385: java-1.6.0-openjdk security update (Important)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:21199RHSA-2012:1391: java-1.7.0-oracle security update (Critical)
oval:org.mitre.oval:def:20645RHSA-2012:1392: java-1.6.0-sun security update (Critical)
oval:org.mitre.oval:def:18994HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:16506Unspecified vulnerability in the Java Runtime Environment (JRE) component in ...
oval:org.mitre.oval:def:23907ELSA-2012:1386: java-1.7.0-openjdk security update (Important)
oval:org.mitre.oval:def:23866ELSA-2012:1392: java-1.6.0-sun security update (Critical)
oval:org.mitre.oval:def:23780ELSA-2012:1384: java-1.6.0-openjdk security update (Critical)
oval:org.mitre.oval:def:23740ELSA-2012:1391: java-1.7.0-oracle security update (Critical)
oval:org.mitre.oval:def:22450ELSA-2012:1385: java-1.6.0-openjdk security update (Important)
oval:org.mitre.oval:def:27810DEPRECATED: ELSA-2012-1385 -- java-1.6.0-openjdk security update (important)
oval:org.mitre.oval:def:27804DEPRECATED: ELSA-2012-1384 -- java-1.6.0-openjdk security update (critical)
oval:org.mitre.oval:def:19484HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:19471HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:19261HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, an...
oval:org.mitre.oval:def:15888Unspecified vulnerability in the Java Runtime Environment (JRE) component in ...
oval:org.mitre.oval:def:20467RHSA-2013:0770: java-1.6.0-openjdk security update (Important)
oval:org.mitre.oval:def:16410Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java ...
oval:org.mitre.oval:def:24051ELSA-2013:0770: java-1.6.0-openjdk security update (Important)
oval:org.mitre.oval:def:23493DEPRECATED: ELSA-2013:0770: java-1.6.0-openjdk security update (Important)
oval:org.mitre.oval:def:19605HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, a...

SAINT Exploits

DescriptionLink
Java MBeanInstantiator findClass and Introspector Sandbox EscapeMore info here
Java JAX-WS gmbal package sandbox breachMore info here
Java JAX-WS statistics.impl package sandbox breachMore info here
Oracle Java java.awt.image.ByteComponentRaster OverflowMore info here
Oracle Java Runtime Hotspot Bytecode Verifier Type ConfusionMore info here
Hide | Show 7 More...
DescriptionLink
Oracle Java Runtime Environment AWT storeImageArray VulnerabilityMore info here
Java Runtime Environment Hotspot final field vulnerabilityMore info here
Java Runtime Environment java.awt.image.IntegerComponentRaster buffer overflowMore info here
Java Runtime Environment Color Management memory overwriteMore info here
Oracle Java findMethod findClass Security BypassMore info here
Java MBeanInstantiator.findClass and Recursive Reflection Sandbox EscapeMore info here
Oracle Java Serviceability Subcomponent ProviderSkeleton Class VulnerabilityMore info here

ExploitDB Exploits

idDescription
28050Oracle Java lookUpByteBI - Heap Buffer Overflow
27705Java storeImageArray() Invalid Array Indexing Vulnerability
26529Java Applet ProviderSkeleton Insecure Invoke Method
24966Java Web Start Launcher ActiveX Control - Memory Corruption
24904Java CMM Remote Code Execution
Hide | Show 6 More...
idDescription
24539Java Applet JMX Remote Code Execution
24309Java Applet AverageRangeStatisticImpl Remote Code Execution
24308Java Applet Method Handle Remote Code Execution
24045Java Applet JMX Remote Code Execution
22657Java Applet JAX-WS Remote Code Execution
19717Java Applet Field Bytecode Verifier Cache Remote Code Execution

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-12-13Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:0828-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_0828_1.nasl
2012-12-13Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1175-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_1175_1.nasl
2012-12-13Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1423-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_1423_1.nasl
2012-12-13Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1424-1 (java-1_6_0-openjdk)
File : nvt/gb_suse_2012_1424_1.nasl
2012-12-04Name : Oracle Java SE Hash Collision DoS Vulnerability (Windows)
File : nvt/gb_oracle_java_se_hash_collision_dos_vuln_win.nasl
Hide | Show 20 More...
idDescription
2012-11-02Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:169 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2012_169.nasl
2012-10-29Name : Ubuntu Update for openjdk-7 USN-1619-1
File : nvt/gb_ubuntu_USN_1619_1.nasl
2012-10-19Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1384-01
File : nvt/gb_RHSA-2012_1384-01_java-1.6.0-openjdk.nasl
2012-10-19Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1385-01
File : nvt/gb_RHSA-2012_1385-01_java-1.6.0-openjdk.nasl
2012-10-19Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1386-01
File : nvt/gb_RHSA-2012_1386-01_java-1.7.0-openjdk.nasl
2012-10-19Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Oct (Windows)
File : nvt/gb_oracle_java_se_mult_vuln01_oct12_win.nasl
2012-10-19Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16346
File : nvt/gb_fedora_2012_16346_java-1.7.0-openjdk_fc17.nasl
2012-10-19Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 oct12 (Windows)
File : nvt/gb_oracle_java_se_mult_vuln02_oct12_win.nasl
2012-10-19Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 oct12 (Windows)
File : nvt/gb_oracle_java_se_mult_vuln03_oct12_win.nasl
2012-10-19Name : Fedora Update for java-1.7.0-openjdk FEDORA-2012-16351
File : nvt/gb_fedora_2012_16351_java-1.7.0-openjdk_fc16.nasl
2012-10-19Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-04 oct12 (Windows)
File : nvt/gb_oracle_java_se_mult_vuln04_oct12_win.nasl
2012-10-19Name : CentOS Update for java CESA-2012:1384 centos6
File : nvt/gb_CESA-2012_1384_java_centos6.nasl
2012-10-19Name : CentOS Update for java CESA-2012:1385 centos5
File : nvt/gb_CESA-2012_1385_java_centos5.nasl
2012-10-19Name : CentOS Update for java CESA-2012:1386 centos6
File : nvt/gb_CESA-2012_1386_java_centos6.nasl
2012-10-09Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:150-1 (java-1.6.0-openjdk)
File : nvt/gb_mandriva_MDVSA_2012_150_1.nasl
2012-09-21Name : Java for Mac OS X 10.6 Update 10
File : nvt/gb_macosx_java_10_6_upd_10.nasl
2012-09-06Name : Ubuntu Update for icedtea-web USN-1505-2
File : nvt/gb_ubuntu_USN_1505_2.nasl
2012-09-04Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1221-01
File : nvt/gb_RHSA-2012_1221-01_java-1.6.0-openjdk.nasl
2012-09-04Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1222-01
File : nvt/gb_RHSA-2012_1222-01_java-1.6.0-openjdk.nasl
2012-09-04Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1223-01
File : nvt/gb_RHSA-2012_1223-01_java-1.7.0-openjdk.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-B-0019Multiple Vulnerabilities in Apache Tomcat
Severity : Category I - VMSKEY : V0044527
2013-A-0191Multiple Vulnerabilities in Java for Mac OS X
Severity : Category I - VMSKEY : V0040779
2013-A-0200Multiple Vulnerabilities in Oracle Java
Severity : Category I - VMSKEY : V0040783
2012-A-0153Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0033884
2012-A-0146Multiple Vulnerabilities in VMware vCenter Update Manager 4.1
Severity : Category I - VMSKEY : V0033792

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2019-03-26Oracle Java ImagingLib buffer overflow attempt
RuleID : 49256 - Type : FILE-JAVA - Revision : 1
2019-03-26Oracle Java ImagingLib buffer overflow attempt
RuleID : 49255 - Type : FILE-JAVA - Revision : 1
2019-03-12Oracle Java JPEGImageWriter memory corruption attempt
RuleID : 49117 - Type : FILE-JAVA - Revision : 1
2019-03-12Oracle Java JPEGImageWriter memory corruption attempt
RuleID : 49116 - Type : FILE-JAVA - Revision : 1
2018-04-05limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt
RuleID : 45830 - Type : SERVER-OTHER - Revision : 1
Hide | Show 20 More...
DateDescription
2018-01-17limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt
RuleID : 45201 - Type : SERVER-OTHER - Revision : 2
2018-01-17limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt
RuleID : 45200 - Type : SERVER-OTHER - Revision : 2
2018-01-17limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt
RuleID : 45199 - Type : SERVER-OTHER - Revision : 2
2016-07-28Oracle Java RangeStatisticImpl sandbox breach attempt
RuleID : 39355 - Type : FILE-JAVA - Revision : 1
2016-07-28Oracle Java RangeStatisticImpl sandbox breach attempt
RuleID : 39354 - Type : FILE-JAVA - Revision : 1
2016-04-26Oracle Java Class Loader namespace sandbox bypass attempt
RuleID : 38339 - Type : FILE-JAVA - Revision : 2
2016-04-26Oracle Java Class Loader namespace sandbox bypass attempt
RuleID : 38338 - Type : FILE-JAVA - Revision : 2
2016-03-24Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt
RuleID : 37821 - Type : FILE-JAVA - Revision : 1
2016-03-24Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt
RuleID : 37820 - Type : FILE-JAVA - Revision : 1
2016-03-24Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt
RuleID : 37819 - Type : FILE-JAVA - Revision : 1
2016-03-24Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt
RuleID : 37818 - Type : FILE-JAVA - Revision : 1
2016-03-22Oracle Java IntegerInterleavedRaster integer overflow attempt
RuleID : 37805 - Type : FILE-JAVA - Revision : 3
2016-03-22Oracle Java IntegerInterleavedRaster integer overflow attempt
RuleID : 37804 - Type : FILE-JAVA - Revision : 3
2016-03-22Oracle Java IntegerInterleavedRaster integer overflow attempt
RuleID : 37803 - Type : FILE-JAVA - Revision : 2
2016-03-22Oracle Java IntegerInterleavedRaster integer overflow attempt
RuleID : 37802 - Type : FILE-JAVA - Revision : 2
2015-04-30Nuclear exploit kit obfuscated file download
RuleID : 33983 - Type : EXPLOIT-KIT - Revision : 4
2015-04-30Nuclear exploit kit landing page detected
RuleID : 33982 - Type : EXPLOIT-KIT - Revision : 3
2014-11-16Oracle Java IntegerInterleavedRaster integer overflow attempt
RuleID : 31541 - Type : FILE-JAVA - Revision : 7
2014-11-16Oracle Java IntegerInterleavedRaster integer overflow attempt
RuleID : 31540 - Type : FILE-JAVA - Revision : 6
2014-11-16Oracle Java field bytecode verifier cache code execution attempt
RuleID : 31512 - Type : FILE-JAVA - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2016-06-10Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL48802597.nasl - Type : ACT_GATHER_INFO
2016-03-04Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_esx_VMSA-2013-0003_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_esx_VMSA-2013-0012_remote.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1489-1.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1489-2.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1490-1.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1256-1.nasl - Type : ACT_GATHER_INFO
2015-05-20Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1669-1.nasl - Type : ACT_GATHER_INFO
2015-05-15Name : The remote Debian host is missing a security update.
File : debian_DLA-219.nasl - Type : ACT_GATHER_INFO
2015-03-17Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3187.nasl - Type : ACT_GATHER_INFO
2015-03-11Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2522-3.nasl - Type : ACT_GATHER_INFO
2015-03-09Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2522-2.nasl - Type : ACT_GATHER_INFO
2015-03-06Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2522-1.nasl - Type : ACT_GATHER_INFO
2015-01-19Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_tomcat_20140522.nasl - Type : ACT_GATHER_INFO
2014-12-22Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa10627.nasl - Type : ACT_GATHER_INFO
2014-11-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1332.nasl - Type : ACT_GATHER_INFO
2014-11-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO
2014-11-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO
2014-11-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1793.nasl - Type : ACT_GATHER_INFO
2014-11-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0414.nasl - Type : ACT_GATHER_INFO
2014-11-06Name : The remote host has a version of Java installed that is affected by multiple ...
File : macosx_java_2014-001.nasl - Type : ACT_GATHER_INFO
2014-08-22Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_jsa10642.nasl - Type : ACT_GATHER_INFO
2014-07-30Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0675.nasl - Type : ACT_GATHER_INFO
2014-07-30Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0685.nasl - Type : ACT_GATHER_INFO
2014-07-24Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0675.nasl - Type : ACT_GATHER_INFO