New Search

Vulnerability in the Java SE JRockit component of Oracle Java SE (subcomponent: RMI) - CVE-2018-2800

oval:org.cisecurity:def:5314

Vulnerability in the Java SE JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u181 7u171 and 8u162; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of Java SE JRockit accessible data as well as unauthorized read access to a subset of Java SE JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets such as through a web service.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 7
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows 8
  • Microsoft Windows 10
  • Microsoft Windows 8.1
Class:
vulnerability
Reference(s):
  • CVE-2018-2800
Product(s):
  • Java Runtime Environment 8
  • Java Development Kit 7
  • Java Runtime Environment 7
  • Java Development Kit 8
  • Java Development Kit 6
  • JRockit
  • Java Runtime Environment 6