76508 : Oracle Java SE / JRE Component Unspecified Remote Issue (2011-3555)
Printer | http://osvdb.org/76508 | Email This | Edit Vulnerability

Views This Week	Views All Time	Added to OSVDB	Last Modified	Modified (since 2008)	Percent Complete
11	741	over 1 year ago	28 days ago	4 times	80%

Timeline

Disclosure Date
2011-10-18

Description

Oracle Java SE contains a flaw related to the Java Runtime Environment component that may allow a remote attacker to manipulate unspecified data and cause a denial of service. No further details have been provided.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

Oracle has released a Critical Patch Update to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Unknown or Incomplete

References

OVAL ID: 14400
CVE ID: 2011-3555 (see also: NVD)
Secunia Advisory ID: 46490 46512 46695 46728 47313 48323 48335 48444 49333 49953 49966 50395 50782 53217 53219
Bugtraq ID: 50237
ISS X-Force ID: 70838
Related OSVDB ID: 76495 76496 76497 76498 76499 76500 76501 76502 76503 76504 76505 76506 76507 76509 76510 76511 76512 76513
Vendor Specific Advisory URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03358587
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03405642
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
http://www.vmware.com/security/advisories/VMSA-2012-0003.html
http://www.vmware.com/security/advisories/VMSA-2012-0005.html
https://downloads.avaya.com/css/P8/documents/100154049
Vendor Specific News/Changelog Entry: http://lists.opensuse.org/opensuse-updates/2011-10/msg00035.html
http://support.attachmate.com/techdocs/1704.html
http://www.gentoo.org/security/en/glsa/glsa-201111-02.xml
http://www.ibm.com/developerworks/java/jdk/alerts/
http://www.ibm.com/support/docview.wss?uid=swg21609004
http://www.ibm.com/support/docview.wss?uid=swg21609022
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
News Article: http://www.csoonline.com/article/691961/oracle-patch-batch-affects-hundreds-of-products
RedHat RHSA: RHSA-2011-1384

Credit

Not Available

CVSSv2 Score

CVSSv2 Base Score = 6.1
Source: nvd.nist.gov | Generated: 2011-10-20 | Disagree?

Comments

Add Comment Hide Add Comment

No Comments.

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.