SynopsisA programming platform installed on the remote Windows host is affected by multiple vulnerabilities.
DescriptionThe version of Oracle JRockit installed on the remote Windows host is R28 prior to R28.3.8. It is, therefore, affected by multiple vulnerabilities :
- Multiple denial of service vulnerabilities exist due to multiple unspecified flaws in the JAXP subcomponent. A remote attacker can exploit these flaws to cause a denial of service condition. (CVE-2015-4803, CVE-2015-4893, CVE-2015-4911)
- An unspecified flaw exists in the Security subcomponent that allows a remote attacker to impact integrity.
SolutionUpgrade to Oracle JRockit version R28.3.8 or later as referenced in the October 2015 Oracle Critical Patch Update advisory.