Oracle Java Unspecified Code Execution Vulnerability

Last Update Date: 31 Aug 2012 Release Date: 28 Aug 2012 5063 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Servers - Database Servers

TYPE: Database Servers

A vulnerability has been identified in Oracle Java, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error and can be exploited to download and execute arbitrary programs.

Successful exploitation allows execution of arbitrary code.

 

NOTE:

  • This is currently being actively exploited in targeted attacks.

Impact

  • Remote Code Execution

System / Technologies affected

  • Oracle Java JDK and JRE 1.6.x / 6.x
  • Oracle Java JDK and JRE 1.7.x / 7.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply JDK/JRE 6 Update 35 or JDK/JRE 7 Update 7.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Mozilla Firefox / Thunderbird / Seamonkey Multiple Vulnerabilities

30 Aug 2012 4313 Views

Next

Opera Truncated Dialog Box Vulnerability

31 Aug 2012 4628 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY