This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
Synopsis :
The remote Windows host contains a programming platform that is
affected by multiple vulnerabilities.
Description :
The version of Oracle (formerly Sun) Java SE or Java for Business
installed on the remote host is earlier than 6 Update 26 / 5.0 Update
30 / 1.4.2_32. Such versions are potentially affected by security
issues in the following components :
- AWT
- Deployment
- Deserialization
- Hotspot
- Java Runtime Environment
- Networking
- NIO
- SAAJ
- Sound
- Swing
See also :
http://www.nessus.org/u?8569058d
http://www.zerodayinitiative.com/advisories/ZDI-11-182/
http://www.zerodayinitiative.com/advisories/ZDI-11-183/
http://www.zerodayinitiative.com/advisories/ZDI-11-184/
http://www.zerodayinitiative.com/advisories/ZDI-11-185/
http://www.zerodayinitiative.com/advisories/ZDI-11-186/
http://www.zerodayinitiative.com/advisories/ZDI-11-187/
http://www.zerodayinitiative.com/advisories/ZDI-11-188/
http://www.zerodayinitiative.com/advisories/ZDI-11-189/
http://www.zerodayinitiative.com/advisories/ZDI-11-190/
http://www.zerodayinitiative.com/advisories/ZDI-11-191/
http://www.zerodayinitiative.com/advisories/ZDI-11-192/
http://www.securityfocus.com/archive/1/518303/30/0/threaded
http://www.securityfocus.com/archive/1/518304/30/0/threaded
http://www.securityfocus.com/archive/1/518307/30/0/threaded
http://www.securityfocus.com/archive/1/518305/30/0/threaded
http://www.securityfocus.com/archive/1/518306/30/0/threaded
http://www.securityfocus.com/archive/1/518309/30/0/threaded
http://www.securityfocus.com/archive/1/518308/30/0/threaded
http://www.securityfocus.com/archive/1/518315/30/0/threaded
http://www.securityfocus.com/archive/1/518313/30/0/threaded
http://www.securityfocus.com/archive/1/518312/30/0/threaded
http://www.securityfocus.com/archive/1/518311/30/0/threaded
Solution :
Update to JDK / JRE 6 Update 26, JDK 5.0 Update 30, SDK 1.4.2_32 or
later and remove, if necessary, any affected versions.
Risk factor :
Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false
Family: Windows
Nessus Plugin ID: 54997 ()
Bugtraq ID: 48133
48134
48135
48136
48137
48138
48139
48140
48141
48142
48143
48144
48145
48146
48147
48148
48149
CVE ID: CVE-2011-0786
CVE-2011-0788
CVE-2011-0802
CVE-2011-0814
CVE-2011-0815
CVE-2011-0817
CVE-2011-0862
CVE-2011-0863
CVE-2011-0864
CVE-2011-0865
CVE-2011-0866
CVE-2011-0867
CVE-2011-0868
CVE-2011-0869
CVE-2011-0871
CVE-2011-0872
CVE-2011-0873