Vulnerabilities > CVE-2017-10309
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L).
Vulnerable Configurations
Exploit-Db
| description | Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure. CVE-2017-10309. Webapps exploit for XML platform |
| file | exploits/xml/webapps/43103.py |
| id | EDB-ID:43103 |
| last seen | 2017-10-31 |
| modified | 2017-10-30 |
| platform | xml |
| port | |
| published | 2017-10-30 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/43103/ |
| title | Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure |
| type | webapps |
Nessus
NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0040_OPENJRE.NASL description An update of the openjre package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121746 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121746 title Photon OS 1.0: Openjre PHSA-2017-0040 code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from VMware Security Advisory PHSA-2017-0040. The text # itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) { script_id(121746); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2019/04/02"); script_cve_id( "CVE-2017-10274", "CVE-2017-10285", "CVE-2017-10309", "CVE-2017-10346", "CVE-2017-10388" ); script_name(english:"Photon OS 1.0: Openjre PHSA-2017-0040"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote PhotonOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "An update of the openjre package has been released."); script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-80.md"); script_set_attribute(attribute:"solution", value: "Update the affected Linux packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-10346"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/24"); script_set_attribute(attribute:"patch_publication_date", value:"2017/10/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/07"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:openjre"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"PhotonOS Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/PhotonOS/release"); if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS"); if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0"); if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu); flag = 0; if (rpm_check(release:"PhotonOS-1.0", reference:"openjre-1.8.0.151-1.ph1")) flag++; if (rpm_check(release:"PhotonOS-1.0", reference:"openjre-1.8.0.151-1.ph1")) flag++; if (rpm_check(release:"PhotonOS-1.0", reference:"openjre-1.8.0.151-1.ph1")) flag++; if (rpm_check(release:"PhotonOS-1.0", reference:"openjre-1.8.0.151-1.ph1")) flag++; if (rpm_check(release:"PhotonOS-1.0", reference:"openjre-1.8.0.151-1.ph1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openjre"); }NASL family Misc. NASL id ORACLE_JAVA_CPU_OCT_2017_UNIX.NASL description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 9 Update 1, 8 Update 151, 7 Update 161, or 6 Update 171. It is, therefore, affected by multiple vulnerabilities related to the following components : - 2D (Little CMS 2) - Deployment - Hotspot - JAX-WS - JAXP - Javadoc - Libraries - Networking - RMI - Security - Serialization - Smart Card IO - Util (zlib) last seen 2020-06-01 modified 2020-06-02 plugin id 103964 published 2017-10-19 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103964 title Oracle Java SE Multiple Vulnerabilities (October 2017 CPU) (Unix) code # # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(103964); script_version("1.6"); script_cvs_date("Date: 2019/11/12"); script_cve_id( "CVE-2016-9841", "CVE-2016-10165", "CVE-2017-10274", "CVE-2017-10281", "CVE-2017-10285", "CVE-2017-10293", "CVE-2017-10295", "CVE-2017-10309", "CVE-2017-10345", "CVE-2017-10346", "CVE-2017-10347", "CVE-2017-10348", "CVE-2017-10349", "CVE-2017-10350", "CVE-2017-10355", "CVE-2017-10356", "CVE-2017-10357", "CVE-2017-10388" ); script_bugtraq_id( 101315, 101319, 101321, 101328, 101333, 101338, 101341, 101348, 101354, 101355, 101369, 101378, 101382, 101384, 101396, 101413 ); script_name(english:"Oracle Java SE Multiple Vulnerabilities (October 2017 CPU) (Unix)"); script_summary(english:"Checks the version of the JRE."); script_set_attribute(attribute:"synopsis", value: "The remote Unix host contains a programming platform that is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 9 Update 1, 8 Update 151, 7 Update 161, or 6 Update 171. It is, therefore, affected by multiple vulnerabilities related to the following components : - 2D (Little CMS 2) - Deployment - Hotspot - JAX-WS - JAXP - Javadoc - Libraries - Networking - RMI - Security - Serialization - Smart Card IO - Util (zlib)"); # https://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ffb85cfa"); # https://www.oracle.com/technetwork/java/javase/9-0-1-relnotes-3883752.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?dfeae1af"); # http://www.oracle.com/technetwork/java/javase/8u151-relnotes-3850493.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bbe7f5cf"); # https://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2fbcacca"); # http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?726f7054"); script_set_attribute(attribute:"solution", value: "Upgrade to Oracle JDK / JRE 9 Update 1, 8 Update 151 / 7 Update 161 / 6 Update 171 or later. If necessary, remove any affected versions. Note that an Extended Support contract with Oracle is needed to obtain JDK / JRE 6 Update 95 or later."); script_set_attribute(attribute:"agent", value:"unix"); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-9841"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/17"); script_set_attribute(attribute:"patch_publication_date", value:"2017/10/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/10/19"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jre"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jdk"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("sun_java_jre_installed_unix.nasl"); script_require_keys("Host/Java/JRE/Installed"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); # Check each installed JRE. installs = get_kb_list_or_exit("Host/Java/JRE/Unmanaged/*"); info = ""; vuln = 0; vuln2 = 0; installed_versions = ""; granular = ""; foreach install (list_uniq(keys(installs))) { ver = install - "Host/Java/JRE/Unmanaged/"; if (ver !~ "^[0-9.]+") continue; installed_versions = installed_versions + " & " + ver; # Fixes : (JDK|JRE) 9 Update 1 / 8 Update 151 / 7 Update 161 / 6 Update 171 if ( ver =~ '^1\\.6\\.0_([0-9]|[0-9][0-9]|1[0-6][0-9]|170)([^0-9]|$)' || ver =~ '^1\\.7\\.0_([0-9]|[0-9][0-9]|1[0-5][0-9]|160)([^0-9]|$)' || ver =~ '^1\\.8\\.0_([0-9]|[0-9][0-9]|1[0-4][0-9]|150)([^0-9]|$)' || ver =~ '^1\\.9\\.0_00?([^0-9]|$)' ) { dirs = make_list(get_kb_list(install)); vuln += max_index(dirs); foreach dir (dirs) info += '\n Path : ' + dir; info += '\n Installed version : ' + ver; info += '\n Fixed version : 1.6.0_151 / 1.7.0_161 / 1.8.0_151 / 1.9.0_1\n'; } else if (ver =~ "^[\d\.]+$") { dirs = make_list(get_kb_list(install)); foreach dir (dirs) granular += "The Oracle Java version "+ver+" at "+dir+" is not granular enough to make a determination."+'\n'; } else { dirs = make_list(get_kb_list(install)); vuln2 += max_index(dirs); } } # Report if any were found to be vulnerable. if (info) { if (report_verbosity > 0) { if (vuln > 1) s = "s of Java are"; else s = " of Java is"; report = '\n' + 'The following vulnerable instance'+s+' installed on the\n' + 'remote host :\n' + info; security_hole(port:0, extra:report); } else security_hole(0); if (granular) exit(0, granular); } else { if (granular) exit(0, granular); installed_versions = substr(installed_versions, 3); if (vuln2 > 1) exit(0, "The Java "+installed_versions+" installations on the remote host are not affected."); else audit(AUDIT_INST_VER_NOT_VULN, "Java", installed_versions); }NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0040.NASL description An update of [openjdk,openjre,bash,libtar,glibc,libgcrypt,strongswan,unzip] packages for PhotonOS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111889 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111889 title Photon OS 1.0: Bash / Glibc / Libgcrypt / Libtar / Openjdk / Openjre / Strongswan / Unzip PHSA-2017-0040 (deprecated) code # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2/7/2019 # # The descriptive text and package checks in this plugin were # extracted from VMware Security Advisory PHSA-2017-0040. The text # itself is copyright (C) VMware, Inc. include("compat.inc"); if (description) { script_id(111889); script_version("1.3"); script_cvs_date("Date: 2019/04/05 23:25:07"); script_cve_id( "CVE-2013-4420", "CVE-2014-9844", "CVE-2014-9913", "CVE-2016-0634", "CVE-2016-9844", "CVE-2017-9526", "CVE-2017-10274", "CVE-2017-10285", "CVE-2017-10309", "CVE-2017-10346", "CVE-2017-10388", "CVE-2017-11185", "CVE-2017-12133" ); script_name(english:"Photon OS 1.0: Bash / Glibc / Libgcrypt / Libtar / Openjdk / Openjre / Strongswan / Unzip PHSA-2017-0040 (deprecated)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "This plugin has been deprecated."); script_set_attribute(attribute:"description", value: "An update of [openjdk,openjre,bash,libtar,glibc,libgcrypt,strongswan,unzip] packages for PhotonOS has been released."); # https://github.com/vmware/photon/wiki/Security-Updates-80 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b0fdbe24"); script_set_attribute(attribute:"solution", value:"n/a."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-10285"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"patch_publication_date", value:"2017/10/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/17"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:bash"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:glibc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:libgcrypt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:libtar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:openjdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:openjre"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:strongswan"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:unzip"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"PhotonOS Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list"); exit(0); } exit(0, "This plugin has been deprecated."); include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/PhotonOS/release"); if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS"); if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0"); if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu); flag = 0; pkgs = [ "bash-4.3.48-1.ph1", "bash-debuginfo-4.3.48-1.ph1", "bash-lang-4.3.48-1.ph1", "glibc-2.22-14.ph1", "glibc-devel-2.22-14.ph1", "glibc-lang-2.22-14.ph1", "libgcrypt-1.7.6-3.ph1", "libgcrypt-debuginfo-1.7.6-3.ph1", "libgcrypt-devel-1.7.6-3.ph1", "libtar-1.2.20-3.ph1", "libtar-devel-1.2.20-3.ph1", "openjdk-1.8.0.151-1.ph1", "openjdk-debuginfo-1.8.0.151-1.ph1", "openjdk-doc-1.8.0.151-1.ph1", "openjdk-sample-1.8.0.151-1.ph1", "openjdk-src-1.8.0.151-1.ph1", "openjre-1.8.0.151-1.ph1", "strongswan-5.5.1-2.ph1", "strongswan-debuginfo-5.5.1-2.ph1", "unzip-6.0-8.ph1" ]; foreach (pkg in pkgs) if (rpm_check(release:"PhotonOS-1.0", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bash / glibc / libgcrypt / libtar / openjdk / openjre / strongswan / unzip"); }NASL family Windows NASL id ORACLE_JAVA_CPU_OCT_2017.NASL description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 9 Update 1, 8 Update 151, 7 Update 161, or 6 Update 171. It is, therefore, affected by multiple vulnerabilities related to the following components : - 2D (Little CMS 2) - Deployment - Hotspot - JAX-WS - JAXP - Javadoc - Libraries - Networking - RMI - Security - Serialization - Smart Card IO - Util (zlib) last seen 2020-06-01 modified 2020-06-02 plugin id 103963 published 2017-10-19 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103963 title Oracle Java SE Multiple Vulnerabilities (October 2017 CPU) code # # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(103963); script_version("1.7"); script_cvs_date("Date: 2019/11/12"); script_cve_id( "CVE-2016-9841", "CVE-2016-10165", "CVE-2017-10274", "CVE-2017-10281", "CVE-2017-10285", "CVE-2017-10293", "CVE-2017-10295", "CVE-2017-10309", "CVE-2017-10345", "CVE-2017-10346", "CVE-2017-10347", "CVE-2017-10348", "CVE-2017-10349", "CVE-2017-10350", "CVE-2017-10355", "CVE-2017-10356", "CVE-2017-10357", "CVE-2017-10388" ); script_bugtraq_id( 101315, 101319, 101321, 101328, 101333, 101338, 101341, 101348, 101354, 101355, 101369, 101378, 101382, 101384, 101396, 101413 ); script_name(english:"Oracle Java SE Multiple Vulnerabilities (October 2017 CPU)"); script_summary(english:"Checks the version of the JRE."); script_set_attribute(attribute:"synopsis", value: "The remote Windows host contains a programming platform that is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 9 Update 1, 8 Update 151, 7 Update 161, or 6 Update 171. It is, therefore, affected by multiple vulnerabilities related to the following components : - 2D (Little CMS 2) - Deployment - Hotspot - JAX-WS - JAXP - Javadoc - Libraries - Networking - RMI - Security - Serialization - Smart Card IO - Util (zlib)"); # https://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixJAVA script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ffb85cfa"); # https://www.oracle.com/technetwork/java/javase/9-0-1-relnotes-3883752.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?dfeae1af"); # http://www.oracle.com/technetwork/java/javase/8u151-relnotes-3850493.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bbe7f5cf"); # https://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2fbcacca"); # http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?726f7054"); script_set_attribute(attribute:"solution", value: "Upgrade to Oracle JDK / JRE 9 Update 1, 8 Update 151 / 7 Update 161 / 6 Update 171 or later. If necessary, remove any affected versions. Note that an Extended Support contract with Oracle is needed to obtain JDK / JRE 6 Update 95 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-9841"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/17"); script_set_attribute(attribute:"patch_publication_date", value:"2017/10/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/10/19"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jre"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jdk"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("sun_java_jre_installed.nasl"); script_require_keys("SMB/Java/JRE/Installed"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); # Check each installed JRE. installs = get_kb_list_or_exit("SMB/Java/JRE/*"); info = ""; vuln = 0; installed_versions = ""; foreach install (list_uniq(keys(installs))) { ver = install - "SMB/Java/JRE/"; if (ver !~ "^[0-9.]+") continue; installed_versions = installed_versions + " & " + ver; # Fixes : (JDK|JRE) 9 Update 1 / 8 Update 151 / 7 Update 161 / 6 Update 171 if ( ver =~ '^1\\.6\\.0_([0-9]|[0-9][0-9]|1[0-6][0-9]|170)([^0-9]|$)' || ver =~ '^1\\.7\\.0_([0-9]|[0-9][0-9]|1[0-5][0-9]|160)([^0-9]|$)' || ver =~ '^1\\.8\\.0_([0-9]|[0-9][0-9]|1[0-4][0-9]|150)([^0-9]|$)' || ver =~ '^1\\.9\\.0_00?([^0-9]|$)' ) { dirs = make_list(get_kb_list(install)); vuln += max_index(dirs); foreach dir (dirs) info += '\n Path : ' + dir; info += '\n Installed version : ' + ver; info += '\n Fixed version : 1.6.0_171 / 1.7.0_161 / 1.8.0_151 / 1.9.0_1\n'; } } # Report if any were found to be vulnerable. if (info) { port = get_kb_item("SMB/transport"); if (!port) port = 445; if (report_verbosity > 0) { if (vuln > 1) s = "s of Java are"; else s = " of Java is"; report = '\n' + 'The following vulnerable instance'+s+' installed on the\n' + 'remote host :\n' + info; security_hole(port:port, extra:report); } else security_hole(port); exit(0); } else { installed_versions = substr(installed_versions, 3); if (" & " >< installed_versions) exit(0, "The Java "+installed_versions+" installations on the remote host are not affected."); else audit(AUDIT_INST_VER_NOT_VULN, "Java", installed_versions); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2017-2999.NASL description An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 151. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388) last seen 2020-06-01 modified 2020-06-02 plugin id 104116 published 2017-10-24 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/104116 title RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2017:2999) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201710-31.NASL description The remote host is affected by the vulnerability described in GLSA-201710-31 (Oracle JDK/JRE: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Oracle’s Java SE. Please review the referenced CVE identifiers for details. Impact : A remote attacker could cause a Denial of Service condition, modify arbitrary data, or have numerous other impacts. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 104232 published 2017-10-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/104232 title GLSA-201710-31 : Oracle JDK/JRE: Multiple vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-3411-1.NASL description This update for java-1_8_0-ibm fixes the following issues: Security issues fixed : - Security update to version 8.0.5.5 (bsc#1070162) - CVE-2017-10346 CVE-2017-10285 CVE-2017-10388 CVE-2017-10309 CVE-2017-10356 CVE-2017-10293 CVE-2016-9841 CVE-2016-10165 CVE-2017-10355 CVE-2017-10357 CVE-2017-10348 CVE-2017-10349 CVE-2017-10347 CVE-2017-10350 CVE-2017-10281 CVE-2017-10295 CVE-2017-10345 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 105462 published 2017-12-26 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105462 title SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2017:3411-1) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2017-3453.NASL description An update for java-1.8.0-ibm is now available for Red Hat Satellite 5.8 and Red Hat Satellite 5.8 ELS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP5. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2016-10165, CVE-2017-1289, CVE-2017-3509, CVE-2017-3511, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544, CVE-2017-10053, CVE-2017-10067, CVE-2017-10078, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10243, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388) For details on how to apply this update, which includes the changes described in this advisory, refer to : https://access.redhat.com/articles/11258 For this update to take effect, Red Hat Satellite must be restarted ( last seen 2020-06-01 modified 2020-06-02 plugin id 105267 published 2017-12-15 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/105267 title RHEL 6 : Satellite Server (RHSA-2017:3453) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2017-3267.NASL description An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP5. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2016-10165, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388) last seen 2020-06-01 modified 2020-06-02 plugin id 104839 published 2017-11-29 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/104839 title RHEL 6 : java-1.8.0-ibm (RHSA-2017:3267) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0040_STRONGSWAN.NASL description An update of the strongswan package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121747 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121747 title Photon OS 1.0: Strongswan PHSA-2017-0040 NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0040_BASH.NASL description An update of the bash package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121741 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121741 title Photon OS 1.0: Bash PHSA-2017-0040 NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0040_LIBGCRYPT.NASL description An update of the libgcrypt package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121743 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121743 title Photon OS 1.0: Libgcrypt PHSA-2017-0040 NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0040_GLIBC.NASL description An update of the glibc package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121742 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121742 title Photon OS 1.0: Glibc PHSA-2017-0040 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2017-3264.NASL description An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP5. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2016-10165, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388) last seen 2020-06-01 modified 2020-06-02 plugin id 104802 published 2017-11-28 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/104802 title RHEL 7 : java-1.8.0-ibm (RHSA-2017:3264) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0040_LIBTAR.NASL description An update of the libtar package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121744 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121744 title Photon OS 1.0: Libtar PHSA-2017-0040 NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0040_OPENJDK.NASL description An update of the openjdk package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121745 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121745 title Photon OS 1.0: Openjdk PHSA-2017-0040
Packetstorm
| data source | https://packetstormsecurity.com/files/download/144859/oraclejavase-xxedisclose.txt |
| id | PACKETSTORM:144859 |
| last seen | 2017-11-03 |
| published | 2017-11-02 |
| reporter | mr_me |
| source | https://packetstormsecurity.com/files/144859/Oracle-Java-SE-Wv8u131-Information-Disclosure.html |
| title | Oracle Java SE Wv8u131 Information Disclosure |
Redhat
| advisories |
| ||||||||||||||||
| rpms |
|
References
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.securitytracker.com/id/1039596
- http://www.securityfocus.com/bid/101328
- https://security.gentoo.org/glsa/201710-31
- https://www.exploit-db.com/exploits/43103/
- https://security.netapp.com/advisory/ntap-20171019-0001/
- https://access.redhat.com/errata/RHSA-2017:3267
- https://access.redhat.com/errata/RHSA-2017:3264
- https://access.redhat.com/errata/RHSA-2017:3453
- https://access.redhat.com/errata/RHSA-2017:2999