Showing 1 - 3 of 3

CVE-2018-2972

Status Candidate

Overview

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). The supported version that is affected is Java SE: 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).

Related Files

Ubuntu Security Notice USN-3747-2: Posted Sep 13, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3747-2 - USN-3747-1 fixed vulnerabilities in OpenJDK 10 for Ubuntu 18.04 LTS. Unfortunately, that update introduced a regression around accessability support that prevented some Java applications from starting. This update fixes the problem. Various other issues were also addressed.; tags | advisory, java, vulnerability; systems | linux, ubuntu; advisories | CVE-2018-2952, CVE-2018-2972; SHA-256 | d976d682847548950360e8367b23160b0e1b44e81d4c7d9b6c183d4bed90c5e5; Download | Favorite | View

Ubuntu Security Notice USN-3747-2: Posted Sep 13, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3747-2 - USN-3747-1 fixed vulnerabilities in OpenJDK 10 for Ubuntu 18.04 LTS. Unfortunately, that update introduced a regression around accessibility support that prevented some Java applications from starting. This update fixes the problem. Various other issues were also addressed.; tags | advisory, java, vulnerability; systems | linux, ubuntu; advisories | CVE-2018-2952, CVE-2018-2972; SHA-256 | d976d682847548950360e8367b23160b0e1b44e81d4c7d9b6c183d4bed90c5e5; Download | Favorite | View

Ubuntu Security Notice USN-3747-1: Posted Aug 21, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3747-1 - It was discovered that OpenJDK did not properly validate types in some situations. An attacker could use this to construct a Java class that could possibly bypass sandbox restrictions. It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to potentially construct a class that caused a denial of service. Various other issues were also addressed.; tags | advisory, java, denial of service; systems | linux, ubuntu; advisories | CVE-2018-2825, CVE-2018-2952, CVE-2018-2972; SHA-256 | badf7418cc4dc5265e0b3440db9897b99af4a4d4c674bccb74a68933b0658bf9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,333)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,578)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,460)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2018-2972

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems