Vulnerabilities > CVE-2018-2941
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
Vulnerable Configurations
Nessus
NASL family Windows NASL id ORACLE_JROCKIT_CPU_JUL_2018.NASL description The version of Oracle JRockit installed on the remote Windows host is R28.3.18. It is, therefore, affected by multiple vulnerabilities. See advisory for details. last seen 2020-06-01 modified 2020-06-02 plugin id 111214 published 2018-07-20 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111214 title Oracle JRockit R28.3.18 Multiple Vulnerabilities (July 2018 CPU) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(111214); script_version("1.5"); script_cvs_date("Date: 2019/11/04"); script_cve_id( "CVE-2018-2938", "CVE-2018-2940", "CVE-2018-2941", "CVE-2018-2942", "CVE-2018-2952", "CVE-2018-2964", "CVE-2018-2972", "CVE-2018-2973" ); script_bugtraq_id( 104765, 104768, 104773, 104774, 104775, 104780, 104781, 104782 ); script_name(english:"Oracle JRockit R28.3.18 Multiple Vulnerabilities (July 2018 CPU)"); script_summary(english:"Checks the version of jvm.dll."); script_set_attribute(attribute:"synopsis", value: "A programming platform installed on the remote Windows host is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of Oracle JRockit installed on the remote Windows host is R28.3.18. It is, therefore, affected by multiple vulnerabilities. See advisory for details."); # http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?50f36723"); script_set_attribute(attribute:"solution", value: "Upgrade to Oracle JRockit version R28.3.19 or later as referenced in the July 2018 Oracle Critical Patch Update advisory."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-2938"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/17"); script_set_attribute(attribute:"patch_publication_date", value:"2018/07/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/07/20"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jrockit"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("oracle_jrockit_installed.nasl"); script_require_keys("installed_sw/Oracle JRockit"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("install_func.inc"); app = "Oracle JRockit"; install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE); ver = install['version']; type = install['type']; path = install['path']; if (tolower(type) != "jdk") audit(AUDIT_INST_PATH_NOT_VULN, app, ver, path); if (ver =~ "^28(\.3)?$") audit(AUDIT_VER_NOT_GRANULAR, app, ver); if (ver !~ "^28\.3($|[^0-9])") audit(AUDIT_NOT_INST, app + " 28.3.x"); # Affected : # 28.3.18 if (ver =~ "^28\.3\.18($|[^0-9])") { port = get_kb_item("SMB/transport"); if (!port) port = 445; # The DLL we're looking at is a level deeper in the JDK, since it # keeps a subset of the JRE in a subdirectory. if (tolower(type) == "jdk") path += "\jre"; path += "\bin\jrockit\jvm.dll"; report = '\n Type : ' + type + '\n Path : ' + path + '\n Installed version : ' + ver + '\n Fixed version : 28.3.19' + '\n'; security_report_v4(severity:SECURITY_WARNING, port:port, extra:report); } else audit(AUDIT_INST_PATH_NOT_VULN, app, ver, path);NASL family Windows NASL id ORACLE_JAVA_CPU_JUL_2018.NASL description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 10 Update 2, 8 Update 181, 7 Update 191, or 6 Update 201. It is, therefore, affected by multiple vulnerabilities related to the following components : - Concurrency. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2952) - Deployment. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2964) - JSSE. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2973) - Java DB. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2938) - JavaFX. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2941) - Libraries. An easily exploitable vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2940) - Security. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2972) - Windows DLL. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2942) Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 111163 published 2018-07-20 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111163 title Oracle Java SE Multiple Vulnerabilities (July 2018 CPU) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0167_OPENJDK.NASL description An update of the openjdk package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121864 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121864 title Photon OS 1.0: Openjdk PHSA-2018-1.0-0167 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-2253.NASL description An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 181. Security Fix(es) : * Oracle JDK: unspecified vulnerability fixed in 7u191, 8u181, and 10.0.2 (JavaFX) (CVE-2018-2941) * Oracle JDK: unspecified vulnerability fixed in 8u181 and 10.0.2 (Deployment) (CVE-2018-2964) * Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries) (CVE-2018-2940) * OpenJDK: insufficient index validation in PatternSyntaxException getMessage () (Concurrency, 8199547) (CVE-2018-2952) * Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE) (CVE-2018-2973) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 111324 published 2018-07-25 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111324 title RHEL 7 : java-1.8.0-oracle (RHSA-2018:2253) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0077.NASL description An update of 'openjdk8' packages of Photon OS has been released. last seen 2019-02-08 modified 2019-02-07 plugin id 111961 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111961 title Photon OS 2.0: Openjdk8 PHSA-2018-2.0-0077 (deprecated) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0077_OPENJDK8.NASL description An update of the openjdk8 package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121974 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121974 title Photon OS 2.0: Openjdk8 PHSA-2018-2.0-0077 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-2256.NASL description An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 181. Security Fix(es) : * Oracle JDK: unspecified vulnerability fixed in 7u191, 8u181, and 10.0.2 (JavaFX) (CVE-2018-2941) * Oracle JDK: unspecified vulnerability fixed in 8u181 and 10.0.2 (Deployment) (CVE-2018-2964) * Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries) (CVE-2018-2940) * OpenJDK: insufficient index validation in PatternSyntaxException getMessage () (Concurrency, 8199547) (CVE-2018-2952) * Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE) (CVE-2018-2973) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 111327 published 2018-07-25 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111327 title RHEL 6 : java-1.8.0-oracle (RHSA-2018:2256) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0167.NASL description An update of 'vim', 'ntp', 'openjdk', 'libmspack', 'blktrace', 'systemd', 'perl' packages of Photon OS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111946 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111946 title Photon OS 1.0: Blktrace / Libmspack / Ntp / Openjdk / Perl / Systemd / Vim PHSA-2018-1.0-0167 (deprecated) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-2254.NASL description An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 191. Security Fix(es) : * Oracle JDK: unspecified vulnerability fixed in 7u191, 8u181, and 10.0.2 (JavaFX) (CVE-2018-2941) * Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries) (CVE-2018-2940) * OpenJDK: insufficient index validation in PatternSyntaxException getMessage () (Concurrency, 8199547) (CVE-2018-2952) * Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE) (CVE-2018-2973) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 111325 published 2018-07-25 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111325 title RHEL 7 : java-1.7.0-oracle (RHSA-2018:2254) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-2255.NASL description An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 191. Security Fix(es) : * Oracle JDK: unspecified vulnerability fixed in 7u191, 8u181, and 10.0.2 (JavaFX) (CVE-2018-2941) * Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries) (CVE-2018-2940) * OpenJDK: insufficient index validation in PatternSyntaxException getMessage () (Concurrency, 8199547) (CVE-2018-2952) * Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE) (CVE-2018-2973) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 111326 published 2018-07-25 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111326 title RHEL 6 : java-1.7.0-oracle (RHSA-2018:2255) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2020-3_0-0084_OPENJDK11.NASL description An update of the openjdk11 package has been released. last seen 2020-05-03 modified 2020-04-29 plugin id 136100 published 2020-04-29 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136100 title Photon OS 3.0: Openjdk11 PHSA-2020-3.0-0084 NASL family Misc. NASL id ORACLE_JAVA_CPU_JUL_2018_UNIX.NASL description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 10 Update 2, 8 Update 181, 7 Update 191, or 6 Update 201. It is, therefore, affected by multiple vulnerabilities related to the following components : - Concurrency. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2952) - Deployment. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2964) - JSSE. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2973) - Java DB. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2938) - JavaFX. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2941) - Libraries. An easily exploitable vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2940) - Security. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2972) - Windows DLL. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2942) Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 111162 published 2018-07-20 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111162 title Oracle Java SE Multiple Vulnerabilities (July 2018 CPU) (Unix)
Redhat
| advisories |
| ||||||||||||||||
| rpms |
|
References
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.securityfocus.com/bid/104775
- https://access.redhat.com/errata/RHSA-2018:2256
- https://access.redhat.com/errata/RHSA-2018:2255
- https://access.redhat.com/errata/RHSA-2018:2254
- https://access.redhat.com/errata/RHSA-2018:2253
- https://security.netapp.com/advisory/ntap-20180726-0001/
- http://www.securitytracker.com/id/1041302