Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows physical access to compromise Java SE. While the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: Applies to deployment of Java where the Java Auto Update is enabled. CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.securityfocus.com/bid/99809
http://www.securitytracker.com/id/1038931
Source: MITRE
Published: 2017-08-08
Updated: 2020-09-08
Type: NVD-CWE-noinfo
Base Score: 4.4
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 3.4
Severity: MEDIUM
Base Score: 7.1
Vector: CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Impact Score: 6
Exploitability Score: 0.5
Severity: HIGH
OR
cpe:2.3:a:oracle:jdk:1.7.0:update141:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update131:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
121719 | Photon OS 1.0: Openjre PHSA-2017-0026 | Nessus | PhotonOS Local Security Checks | high |
121718 | Photon OS 1.0: Openjdk PHSA-2017-0026 | Nessus | PhotonOS Local Security Checks | high |
111875 | Photon OS 1.0: Openjdk / Openjre / Pycrypto / Python3 PHSA-2017-0026 (deprecated) | Nessus | PhotonOS Local Security Checks | high |
105714 | openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2018-14) | Nessus | SuSE Local Security Checks | high |
105538 | SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2018:0005-1) | Nessus | SuSE Local Security Checks | high |
103450 | GLSA-201709-22 : Oracle JDK/JRE, IcedTea: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | medium |
103191 | AIX Java Advisory : java_july2017_advisory.asc (July 2017 CPU) | Nessus | AIX Local Security Checks | high |
102837 | SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2017:2281-1) | Nessus | SuSE Local Security Checks | medium |
102836 | SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2017:2280-1) | Nessus | SuSE Local Security Checks | medium |
102801 | SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2017:2263-1) | Nessus | SuSE Local Security Checks | medium |
102621 | openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2017-954) | Nessus | SuSE Local Security Checks | medium |
102541 | SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2017:2175-1) | Nessus | SuSE Local Security Checks | medium |
700165 | Oracle Java SE 6 < Update 161 / 7 < Update 151 / 8 < Update 141 Multiple Vulnerabilities | Nessus Network Monitor | Web Clients | critical |
101844 | Oracle Java SE Multiple Vulnerabilities (July 2017 CPU) (Unix) | Nessus | Misc. | medium |
101843 | Oracle Java SE Multiple Vulnerabilities (July 2017 CPU) | Nessus | Windows | medium |