New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 3.6
SynopsisThe remote Windows host contains a programming platform that is affected by multiple vulnerabilities.
DescriptionThe remote host has a version of Oracle JRockit that is affected by multiple vulnerabilities that could allow a remote user to affect the confidentiality of the system via :
- A design flaw in the RSA 'blinding' security component of the 'RASCore' class. By performing operations requiring the use of private keys and measuring timing differences, an attacker may be able to disclose information about the keys used.
- A design flaw in the 'validateDHPublicKey' function of the 'KeyUtil' class. A remote attacker may be able to recover a key. (CVE-2014-4263).
SolutionUpgrade to version R188.8.131.52 / R184.108.40.206 or later.