CVE-2018-3157Improper Initialization in Corporation Java

CWE-665Improper Initialization7 documents7 sources
Severity
3.7LOWNVD
EPSS
0.8%
top 26.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Oracle Corporation JavaOracle JDKOracle JRE
Timeline
PublishedOct 17
Latest updateMay 13

Description

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Sound). The supported version that is affected is Java SE: 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes fro

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages3 packages

CVEListV5oracle_corporation/javaJava SE: 11
NVDoracle/jdk11.0.0
NVDoracle/jre11.0.0

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

3
GHSA
GHSA-j6c7-4cjf-p6v5: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Sound)2022-05-13
CVEList
CVE-2018-3157: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Sound)2018-10-17
OSV
CVE-2018-3157: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Sound)2018-10-17

📋Vendor Advisories

2
Red Hat
OpenJDK: Uninitialized memory use in MIDI device handling (Sound, 8200648)2018-10-16
Debian
CVE-2018-3157: openjdk-11 - Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Sound). ...2018

💬Community

1
Bugzilla
CVE-2018-3157 OpenJDK: Uninitialized memory use in MIDI device handling (Sound, 8200648)2018-10-24
CVE-2018-3157 — Improper Initialization | cvebase