Oracle Java SE Installer on Windows Arbitrary Code Execution

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a programming platform that is
affected by an arbitrary code execution vulnerability.

Description :

The version of Oracle Java SE or Java for Business installed on the
remote host is prior to 8 Update 73, 7 Update 97, or 6 Update 113. It
is, therefore, affected by an arbitrary code execution vulnerability
that may have been exploited when installing Java. If an attacker
convinced a user to download a set of malicious files before Java was
installed, then arbitrary code may have been executed during the
installation. A system with the vulnerable versions of Java installed
should be checked for malicious software or abnormal behaviors.

See also :

https://blogs.oracle.com/security/entry/security_alert_cve_2016_0603
http://www.nessus.org/u?88d35958

Solution :

Discard any installers for versions of Oracle JDK / JRE prior to 8
Update 73, 7 Update 97, or 6 Update 113. Additionally, check for
malicious software or abnormal behavior.
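The version thresholds in the Description and Solution above, turned into a defender-side check. This is an added example, not Tenable's plugin code: it parses `1.8.0_72`-style version strings and `8u72`-style installer file names (the Oracle file-naming pattern and the sample download list are assumptions) and flags anything below the fix level for its family.

```python
import re

# Fix levels stated in the advisory: 8 Update 73, 7 Update 97, 6 Update 113.
FIXED_UPDATE = {8: 73, 7: 97, 6: 113}

# "1.8.0_72" as reported by `java -version` or the Windows registry.
_DOTTED = re.compile(r"\b1\.(\d+)\.\d+_(\d+)\b")
# "8u72" as used in installer file names, e.g. jre-8u72-windows-x64.exe
# (assumed naming pattern).
_SHORT = re.compile(r"(?<![\d.])(\d+)u(\d+)(?!\d)")


def parse_java_version(text):
    """Return (family, update) from a version string or installer file
    name, or None when no recognisable Java version is present."""
    m = _DOTTED.search(text) or _SHORT.search(text)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def is_affected(text):
    """True when the version named in `text` is below the fix level for its
    family; False when it is fixed or the family is not covered here."""
    parsed = parse_java_version(text)
    if parsed is None:
        return False
    family, update = parsed
    fixed = FIXED_UPDATE.get(family)
    return fixed is not None and update < fixed


def audit_installers(file_names):
    """Return the installer file names that should be discarded."""
    return [name for name in file_names if is_affected(name)]


if __name__ == "__main__":
    # Constructed sample of installer names found in a downloads folder.
    sample = [
        "jre-8u72-windows-x64.exe",
        "jre-8u73-windows-x64.exe",
        "jdk-7u97-windows-i586.exe",
        "jdk-6u45-windows-x64.exe",
        "notepad-setup.exe",
    ]
    for name in audit_installers(sample):
        print("discard:", name)
```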

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 88755

Bugtraq ID: 83008

CVE ID: CVE-2016-0603
