Sun Java JRE Multiple Vulnerabilities (102729 / 102732)

High Nessus Plugin ID 23931


The remote Windows host has a version of Sun's Java Runtime Environment that is affected by several vulnerabilities.


According to its version number, the Sun JRE installed on the remote host has two buffer overflow issues that may allow an untrusted applet to elevate its privileges to, for example, read or write local files or to execute local applications subject to the privileges of the user running the applet.

In addition, another set of vulnerabilities may allow an untrusted applet to access data in other applets.


Update to Sun Java 2 JDK and JRE 5.0 Update 8 / SDK and JRE 1.4.2_13 / SDK and JRE 1.3.1_19 or later and remove if necessary any affected versions.

See Also

Plugin Details

Severity: High

ID: 23931

File Name: sun_java_jre_102729.nasl

Version: $Revision: 1.23 $

Type: local

Agent: windows

Family: Windows

Published: 2006/12/20

Modified: 2017/05/01

Dependencies: 33545

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C


Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:oracle:jre

Required KB Items: SMB/Java/JRE/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2006/12/19

Vulnerability Publication Date: 2006/12/19

Reference Information

CVE: CVE-2006-6731, CVE-2006-6736, CVE-2006-6737, CVE-2006-6745

BID: 21673, 21674, 21675

OSVDB: 32357, 32358, 32393, 32394, 32931, 32932, 32933, 32934