Sun Java JRE / Web Start Multiple Vulnerabilities (103072, 103073, 103078, 103079, 103112)

This script is Copyright (C) 2007-2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by
multiple vulnerabilities.

Description :

According to its version number, the Sun Java Runtime Environment
(JRE) and/or Web Start installed on the remote host reportedly is
affected by several issues that could be abused to move / copy local
files, read or write local files, circumvent network access
restrictions, or elevate privileges.

See also :

http://conference.hitb.org/hitbsecconf2007kl/?page_id=148
http://www.nessus.org/u?d88f8c90
http://www.nessus.org/u?3744db68
http://www.nessus.org/u?6dd067e0
http://www.nessus.org/u?1cbab94e
http://www.nessus.org/u?811a9446

Solution :

Update to Sun JDK and JRE 6 Update 3 / JDK and JRE 5.0 Update 13 / SDK
and JRE 1.4.2_16 / SDK and JRE 1.3.1_21 or later and remove if
necessary any other affected versions.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now