CVE-2011-0865 — JDK vulnerability
6 documents6 sources
Severity
2.6LOWNVD
EPSS
3.8%
top 11.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedJun 14
Latest updateMay 14
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization.
CVSS vector
AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-xvf5-cj28-7xcf: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5↗2022-05-14
CVEList▶
CVE-2011-0865: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5↗2011-06-14
📋Vendor Advisories
2💬Community
1Bugzilla▶
CVE-2011-0865 OpenJDK: Deserialization allows creation of mutable SignedObject (Deserialization, 6618658)↗2011-05-19