exploit the possibilities
Showing 1 - 3 of 3 RSS Feed

CVE-2018-3150

Status Candidate

Overview

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Utility). The supported version that is affected is Java SE: 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

Related Files

Gentoo Linux Security Advisory 201908-10
Posted Aug 15, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-10 - Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites. Versions less than 1.8.0.202:1.8 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2018-13785, CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3150, CVE-2018-3157, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3209, CVE-2018-3211, CVE-2018-3214, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698, CVE-2019-2699
MD5 | dfd5ee3e64899b150b2cb6e282e7523a
Red Hat Security Advisory 2018-3521-01
Posted Nov 8, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3521-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include improper field access checks.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3150, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183
MD5 | 813d3049ae80a46f1049f537d2b267f2
Ubuntu Security Notice USN-3804-1
Posted Oct 31, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3804-1 - It was discovered that the Security component of OpenJDK did not properly ensure that manifest elements were signed before use. An attacker could possibly use this to specially construct an untrusted Java application or applet that could escape sandbox restrictions. Artem Smotrakov discovered that the HTTP client redirection handler implementation in OpenJDK did not clear potentially sensitive information in HTTP headers when following redirections to different hosts. An attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, java, web
systems | linux, ubuntu
advisories | CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3150, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3214
MD5 | 1499016cce5544fdad2e81db194990e1
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close