ID CVE-2017-3262
Summary Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
redhat via4
advisories
rhsa
id RHSA-2017:0175
rpms
  • java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3
  • java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3
  • java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3
  • java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3
  • java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3
  • java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3
refmap via4
bid 95578
confirm
gentoo GLSA-201701-65
sectrack 1037637
Last major update 03-10-2019 - 00:03
Published 27-01-2017 - 22:59
Last modified 03-10-2019 - 00:03
Back to Top