Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Oracle Java SE 7 < Update 131 / 8 < Update 121 Arbitrary Code Execution



The remote host is missing a critical Oracle Java SE patch update.


The version of Oracle Java SE installed on the remote host is prior to 7 Update 131, or 8 Update 121 and is affected by a flaw in the AWT subcomponent that is triggered when handling menu items. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code outside of intended sandbox restrictions.


Upgrade to Java 1.8.0_121 or later. If version 1.8.x cannot be obtained, version 1.7.0_131 is also patched for this vulnerability.