Oracle Java JRE Unsupported Version Detection (Unix)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote host contains one or more unsupported versions of the
Oracle Java JRE.

Description :

According to its version, there is at least one unsupported Oracle
(formerly Sun) Java JRE installation on the remote host. The software
is no longer actively maintained.

Lack of support implies that no new security patches will be released.

Note that Oracle does provide support contracts under the 'Oracle
Lifetime Support' program. If the detected JRE is supported under this
program, this may be a false positive.

See also :

http://www.oracle.com/technetwork/java/eol-135779.html
http://www.oracle.com/us/support/lifetime-support-068561.html

Solution :

Upgrade to an actively maintained version.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Misc.

Nessus Plugin ID: 64816 ()

Bugtraq ID:

CVE ID: