Oracle Java SE Multiple Vulnerabilities (October 2011 CPU) (BEAST)
Critical Nessus Plugin ID 56566
Synopsis
The remote Windows host contains a programming platform that is affected by multiple vulnerabilities.
Description
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 1 / 6 Update 29 / 5.0 Update 32 / 1.4.2_34 and is potentially affected by security issues in the following components :
- 2D
- AWT
- Deployment
- Deserialization
- Hotspot
- Java Runtime Environment
- JAXWS
- JSSE
- Networking
- RMI
- Scripting
- Sound
- Swing
Solution
Update to JDK / JRE 7 Update 1 / 6 Update 29, JDK 5.0 Update 32, SDK 1.4.2_34 or later and remove, if necessary, any affected versions.
Note that an Extended Support contract with Oracle is needed to obtain JDK 5.0 Update 32 or later.