This script is Copyright (C) 2016 Tenable Network Security, Inc.
A programming platform installed on the remote Windows host is
affected by multiple vulnerabilities.
The version of Oracle JRockit installed on the remote Windows host is
R28 prior to R28.3.9. It is, therefore, affected by multiple
- An unspecified flaw exists in the Security subcomponent
due to a failure to reject MD5 signatures in the server
signature within the TLS 1.2 ServerKeyExchange messages.
A man-in-the-middle attacker, by triggering collisions,
can exploit this issue to spoof servers. (CVE-2015-7575)
- A memory corruption issue exists in the AWT subcomponent
when decoding JPEG files. A remote attacker can exploit
this to execute arbitrary code. (CVE-2016-0483)
- A collision-based forgery vulnerability, known as SLOTH
(Security Losses from Obsolete and Truncated Transcript
Hashes), exists in the TLS protocol due to accepting
RSA-MD5 signatures in the server signature within the
TLS 1.2 ServerKeyExchange messages during a TLS
handshake. A man-in-the-middle attacker can exploit
this, via a transcript collision attack, to impersonate
a TLS server. (CVE-2015-7575) (CVE-2016-0475)
- A denial of service vulnerability exists in the JAXP
subcomponent during the handling of expanded general
entities. A remote attacker can exploit this to bypass
the 'totalEntitySizeLimit' restrictions and exhaust
available memory. (CVE-2016-0466)
See also :
Upgrade to Oracle JRockit version R28.3.9 or later as referenced in
the January 2016 Oracle Critical Patch Update advisory.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false