Oracle Java SE 7 < Update 11 Multiple Vulnerabilities

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.

Synopsis :

The remote Windows host contains a programming platform that is
potentially affected by multiple vulnerabilities.

Description :

The version of Oracle (formerly Sun) Java SE or Java for Business
installed on the remote host is earlier than 7 Update 11 and is,
therefore, potentially affected by the following security issues :

- An unspecified issue exists in the Libraries
component. (CVE-2012-3174)

- An error exists in the 'MBeanInstantiator.findClass'
method that could allow remote, arbitrary code execution.

Note that, according the advisory, these issues apply to client
deployments of Java only and can only be exploited through untrusted
'Java Web Start' applications and untrusted Java applets.

See also :

Solution :

Update to JDK / JRE 7 Update 11 or later and, if necessary, remove any
affected versions.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 63521 ()

Bugtraq ID: 57246

CVE ID: CVE-2012-3174

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial