Oracle Java Unspecified Code Execution Vulnerability
Last Update Date:
31 Aug 2012
Release Date:
28 Aug 2012
5756
Views
RISK: Extremely High Risk
TYPE: Servers - Database Servers
A vulnerability has been identified in Oracle Java, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error and can be exploited to download and execute arbitrary programs.
Successful exploitation allows execution of arbitrary code.
NOTE:
- This is currently being actively exploited in targeted attacks.
Impact
- Remote Code Execution
System / Technologies affected
- Oracle Java JDK and JRE 1.6.x / 6.x
- Oracle Java JDK and JRE 1.7.x / 7.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply JDK/JRE 6 Update 35 or JDK/JRE 7 Update 7.
Vulnerability Identifier
Source
Related Link
Share with