CVE-2011-3563 — Oracle JRE vulnerability

8 documents7 sources
Severity
6.4MEDIUMNVD
EPSS
5.1%
top 10.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle JRESUN JRE
Timeline
PublishedFeb 15
Latest updateMay 14

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Sound.

CVSS vector

AV:N/AC:L/C:P/I:N/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

â–¶NVDoracle/jre1.6.0+3
â–¶NVDsun/jre1.4.2_35+38

🔴Vulnerability Details

2
GHSA
GHSA-mwf7-vx5q-mx9x: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5↗2022-05-14
â–¶
CVEList
CVE-2011-3563: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5↗2012-02-15
â–¶

💥Exploits & PoCs

1
Exploit-DB
Sun Java Web Start BasicServiceImpl - Remote Code Execution (Metasploit)↗2011-01-22
â–¶

📋Vendor Advisories

3
Ubuntu
OpenJDK 6 (ARM) vulnerabilities↗2012-03-01
â–¶
Ubuntu
OpenJDK 6 vulnerabilities↗2012-02-24
â–¶
Red Hat
OpenJDK: JavaSound incorrect bounds check (Sound, 7088367)↗2012-02-14
â–¶

💬Community

1
Bugzilla
CVE-2011-3563 OpenJDK: JavaSound incorrect bounds check (Sound, 7088367)↗2012-02-10
â–¶
CVE-2011-3563 — Oracle JRE vulnerability | cvebase