CVE-2017-3259

6 documents6 sources

Severity

3.7LOW

EPSS

0.5%

top 35.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Java SE Oracle JDK Oracle JRE

Timeline

PublishedJan 27

Latest updateMay 14

Description

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandb…

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5oracle/java_se6u131, 7u121, 8u112+2

▶NVDoracle/jdk1.6, 1.7, 1.8+2

▶NVDoracle/jre1.6, 1.7, 1.8+2

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-2fjh-pp98-gvch: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment)↗2022-05-14

▶

CVEList

CVE-2017-3259: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment)↗2017-01-27

▶

📋Vendor Advisories

Red Hat

JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)↗2017-01-17

▶

Debian

CVE-2017-3259: openjdk-8 - Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployme...↗2017

▶

💬Community

Bugzilla

CVE-2017-3259 Oracle JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)↗2017-01-17

▶