Summary
This host is installed with Sun Java JRE and is prone to Remote Code Execution Vulnerability.
Impact
Successful exploitation allows remote attackers to execute arbitrary code in the context of the affected application.
Impact Level: Application.
Solution
Upgrade to JRE version 6 Update 17
http://java.sun.com/javase/downloads/index.jsp
Insight
- An error occurs while using security model permissions when removing installer extensions and may allow an untrusted applications to run as a trusted application.
- An error occurs while handling interaction between a signed JAR file and a JNLP application or applet.
Affected
Sun Java JRE 6 prior to 6 Update 17 on Linux.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2009-3866, CVE-2009-3886 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities(APSB14-22)-(Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Windows)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Windows)
- Adobe Extension Manager CS5 Insecure Library Loading Vulnerability (Win)
- Adobe Flash Player 9.0.115.0 and earlier vulnerability (Lin)