Suse Linux Enterprise Java vulnerabilities

5 known vulnerabilities affecting suse/linux_enterprise_java.

Total CVEs

5

CISA KEV

3

actively exploited

Public exploits

3

Exploited in wild

3

Severity breakdown

CRITICAL3HIGH1LOW1

Vulnerabilities

Page 1 of 1

CVE-2013-4002HIGHCVSS 7.1v10v112013-07-23

CVE-2013-4002 [HIGH] CVE-2013-4002: XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Jav

CVE-2013-2465CRITICALCVSS 9.8KEVPoCv10v112013-06-18

CVE-2013-2465 [CRITICAL] CWE-693 CVE-2013-2465: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2

CVE-2012-1717LOWCVSS 2.1v10v112012-06-16

CVE-2012-1717 [LOW] CVE-2012-1717: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.

CVE-2012-0507CRITICALCVSS 9.8KEVPoCv10v112012-06-07

CVE-2012-0507 [CRITICAL] CVE-2012-0507: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 201

CVE-2011-3544CRITICALCVSS 9.8KEVPoCv102011-10-19

CVE-2011-3544 [CRITICAL] CWE-284 CVE-2011-3544: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.