CVE-2011-3557Oracle Jrockit vulnerability

7 documents6 sources
Severity
6.8MEDIUMNVD
CNA7.5
EPSS
3.9%
top 11.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Oracle JrockitSUN JDKSUN JRE
Timeline
PublishedOct 19
Latest updateMay 14

Description

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

NVDoracle/jrockitr28.1.4+6
NVDsun/jdk1.6.0+38
NVDsun/jre1.6.0+38

🔴Vulnerability Details

2
GHSA
GHSA-7fq2-gpx6-fhfw: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 52022-05-14
CVEList
CVE-2011-3557: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 52011-10-19

📋Vendor Advisories

3
Ubuntu
IcedTea-Web, OpenJDK 6 vulnerabilities2011-11-16
Red Hat
OpenJDK: RMI registry privileged code execution (RMI, 7083012)2011-10-18
Red Hat
OpenJDK: RMI DGC server remote code execution (RMI, 7077466)2011-10-18

💬Community

1
Bugzilla
CVE-2011-3557 OpenJDK: RMI registry privileged code execution (RMI, 7083012)2011-10-12
CVE-2011-3557 — Oracle Jrockit vulnerability | cvebase