CVE-2011-3560JDK vulnerability

6 documents6 sources
Severity
6.4MEDIUMNVD
EPSS
1.7%
top 17.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN JDKSUN JRE
Timeline
PublishedOct 19
Latest updateMay 14

Description

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity, related to JSSE.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

NVDsun/jdk1.6.0+38
NVDsun/jre1.6.0+38

🔴Vulnerability Details

2
GHSA
GHSA-4g33-3743-jf7f: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 52022-05-14
CVEList
CVE-2011-3560: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 52011-10-19

📋Vendor Advisories

2
Ubuntu
IcedTea-Web, OpenJDK 6 vulnerabilities2011-11-16
Red Hat
OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)2011-10-18

💬Community

1
Bugzilla
CVE-2011-3560 OpenJDK: missing checkSetFactory calls in HttpsURLConnection (JSSE, 7096936)2011-10-12
CVE-2011-3560 — SUN JDK vulnerability | cvebase