Oracle Java SE 7 < Update 11 Multiple Vulnerabilities (Unix)

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.

Synopsis :

The remote host contains a programming platform that is potentially
affected by multiple vulnerabilities.

Description :

The version of Oracle (formerly Sun) Java SE or Java for Business
installed on the remote host is earlier than 7 Update 11 and is,
therefore, potentially affected by the following security issues :

- An unspecified issue exists in the Libraries
component. (CVE-2012-3174)

- An error exists in the 'MBeanInstantiator.findClass'
method that could allow remote, arbitrary code execution.

Note that, according the advisory, these issues apply to client
deployments of Java only and can only be exploited through untrusted
'Java Web Start' applications and untrusted Java applets.

See also :

Solution :

Update to JDK / JRE 7 Update 11 or later and, if necessary, remove any
affected versions.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 64840 ()

Bugtraq ID: 57246

CVE ID: CVE-2012-3174

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now