Oracle Java SE 6 < Update 141 / 7 < Update 131 / 8 < Update 121 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 9917

Synopsis

The remote host is missing a critical Oracle Java SE patch update.

Description

The version of Oracle Java SE installed on the remote host is prior to 6 Update 141, 7 Update 131, or 8 Update 121 and is affected by multiple vulnerabilities :

- A flaw exists in the 'ECDSASignature' class of the Libraries subcomponent. The issue is triggered when handling signatures from DER input. This may allow a remote attacker to cause a signature in an incorrect format to be accepted. (CVE-2016-5546)
- An unspecified flaw exists related to the Libraries subcomponent. This may allow a remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-5547)
- An unspecified flaw exists related to the Libraries subcomponent. This may allow a context-dependent attacker to gain access to sensitive information. No further details have been provided by the vendor. (CVE-2016-5548, CVE-2016-5549)
- An unspecified flaw exists related to the Networking subcomponent. This may allow a remote attacker to have an impact on integrity. No further details have been provided by the vendor. (CVE-2016-5552)
- A flaw exists in the Install New Software and Update features in the Mission Control subcomponent that may allow a man-in-the-middle attacker to intercept and manipulate JAR files, potentially resulting in the installation of malicious content. (CVE-2016-8328)
- An unspecified flaw exists related to the Networking subcomponent. This may allow a context-dependent attacker to gain access to sensitive information. No further details have been provided by the vendor. (CVE-2017-3231)
- A flaw exists in the RMI registry and DCG (Distributed Garbage Collector) implementation that is triggered as certain input is not properly sanitized before being deserialized. This may allow a remote attacker to potentially execute arbitrary code outside of intended sandbox restrictions. (CVE-2017-3241)
- An unspecified flaw exists related to the JAAS subcomponent. This may allow a context-dependent attacker to have an impact on integrity. No further details have been provided by the vendor. (CVE-2017-3252)
- A flaw exists in the 'PNGImageReader::readMetadata()' function in 'imageio/plugins/png/PNGImageReader.java' that is triggered when handling 'zTXt' and 'iTXt' image chunks. With a specially crafted PNG image, a remote attacker can exhaust available memory resources. (CVE-2017-3253)
- An unspecified flaw exists related to the Deployment subcomponent. This may allow a remote attacker to gain access to sensitive information. No further details have been provided by the vendor. (CVE-2017-3259)
- An unspecified flaw exists related to the Networking subcomponent. This may allow a context-dependent attacker to gain access to sensitive information. No further details have been provided by the vendor. (CVE-2017-3261)
- An unspecified flaw exists related to the Java Mission Control subcomponent. This may allow a remote attacker to gain access to sensitive information. No further details have been provided by the vendor. (CVE-2017-3262)
- A flaw exists related to improper restrictions on protected field members for the atomic field updaters in the 'java.util.concurrent.atomic' package. This may allow a context-dependent attacker to potentially execute arbitrary code outside of intended sandbox restrictions. (CVE-2017-3272)
- A flaw exists in the Hotspot subcomponent related to insecure class construction when handling exception stack frames. This may allow a context-dependent attacker to potentially execute arbitrary code outside of intended sandbox restrictions. (CVE-2017-3289)

Solution

Upgrade to Java 1.8.0_121 or later. If version 1.8.x cannot be obtained, versions 1.7.0_131 and 1.6.0_141 are also patched for these vulnerabilities.

See Also

http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA

Plugin Details

Severity: Critical

ID: 9917

File Name: 9917.prm

Family: Web Clients

Published: 2017/01/27

Modified: 2017/01/27

Dependencies: 8892, 8893, 8895

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 9.3

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:java_se

Patch Publication Date: 2017/01/17

Vulnerability Publication Date: 2016/11/02

Reference Information

CVE: CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-8328, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3262, CVE-2017-3272, CVE-2017-3289

BID: 95488, 95498, 95506, 95509, 95512, 95521, 95525, 95530, 95533, 95559, 95563, 95566, 95570, 95578, 95581