Vulnerability-Lookup

CVE-2011-3544 (GCVE-0-2011-3544)

Vulnerability from cvelistv5 – Published: 2011-10-19 21:00 – Updated: 2025-10-22 00:05

Summary

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Assigner

oracle

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisoryx_refsource_GENTOO
	http://marc.info/?l=bugtraq&m=134254866602253&w=2	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/48308	third-party-advisoryx_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=132750579901589&w=2	vendor-advisoryx_refsource_HP
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisoryx_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=132750579901589&w=2	vendor-advisoryx_refsource_HP
	http://www.redhat.com/support/errata/RHSA-2011-13…	vendor-advisoryx_refsource_REDHAT
	http://www.securityfocus.com/bid/50218	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=134254957702612&w=2	vendor-advisoryx_refsource_HP
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1026215	vdb-entryx_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-1263-1	vendor-advisoryx_refsource_UBUNTU
	http://marc.info/?l=bugtraq&m=134254957702612&w=2	vendor-advisoryx_refsource_HP
	http://www.ibm.com/developerworks/java/jdk/alerts/	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:37:48.020Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:13947",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "HPSBMU02799",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
          },
          {
            "name": "48308",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48308"
          },
          {
            "name": "HPSBUX02730",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
          },
          {
            "name": "SUSE-SU-2012:0114",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "SSRT100710",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
          },
          {
            "name": "RHSA-2011:1384",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
          },
          {
            "name": "50218",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/50218"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
          },
          {
            "name": "SSRT100867",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          },
          {
            "name": "oracle-jre-scripting-unspecified(70849)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
          },
          {
            "name": "1026215",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026215"
          },
          {
            "name": "USN-1263-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1263-1"
          },
          {
            "name": "HPSBMU02797",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2011-3544",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T19:24:24.898601Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-3544"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-22T00:05:49.147Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-3544"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-03T00:00:00.000Z",
            "value": "CVE-2011-3544 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-10-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-05T18:57:01.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:13947",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "HPSBMU02799",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
        },
        {
          "name": "48308",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48308"
        },
        {
          "name": "HPSBUX02730",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
        },
        {
          "name": "SUSE-SU-2012:0114",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "SSRT100710",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
        },
        {
          "name": "RHSA-2011:1384",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
        },
        {
          "name": "50218",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/50218"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
        },
        {
          "name": "SSRT100867",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
        },
        {
          "name": "oracle-jre-scripting-unspecified(70849)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
        },
        {
          "name": "1026215",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026215"
        },
        {
          "name": "USN-1263-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1263-1"
        },
        {
          "name": "HPSBMU02797",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2011-3544",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:13947",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "HPSBMU02799",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
            },
            {
              "name": "48308",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48308"
            },
            {
              "name": "HPSBUX02730",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
            },
            {
              "name": "SUSE-SU-2012:0114",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "SSRT100710",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
            },
            {
              "name": "RHSA-2011:1384",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
            },
            {
              "name": "50218",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/50218"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
            },
            {
              "name": "SSRT100867",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            },
            {
              "name": "oracle-jre-scripting-unspecified(70849)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
            },
            {
              "name": "1026215",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026215"
            },
            {
              "name": "USN-1263-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1263-1"
            },
            {
              "name": "HPSBMU02797",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            },
            {
              "name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2011-3544",
    "datePublished": "2011-10-19T21:00:00.000Z",
    "dateReserved": "2011-09-16T00:00:00.000Z",
    "dateUpdated": "2025-10-22T00:05:49.147Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2011-3544",
      "dateAdded": "2022-03-03",
      "dueDate": "2022-03-24",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-3544",
      "product": "Java SE JDK and JRE",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle\u0027s Java Runtime Environment allows an attacker to remotely execute arbitrary code.",
      "vendorProject": "Oracle",
      "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947\", \"name\": \"oval:org.mitre.oval:def:13947\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-32.xml\", \"name\": \"GLSA-201406-32\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/48308\", \"name\": \"48308\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2\", \"name\": \"HPSBUX02730\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html\", \"name\": \"SUSE-SU-2012:0114\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-1455.html\", \"name\": \"RHSA-2013:1455\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2\", \"name\": \"SSRT100710\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-1384.html\", \"name\": \"RHSA-2011:1384\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/50218\", \"name\": \"50218\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2\", \"name\": \"SSRT100867\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/70849\", \"name\": \"oracle-jre-scripting-unspecified(70849)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1026215\", \"name\": \"1026215\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-1263-1\", \"name\": \"USN-1263-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2\", \"name\": \"HPSBMU02797\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.ibm.com/developerworks/java/jdk/alerts/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T23:37:48.020Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2011-3544\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T19:24:24.898601Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-3544\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-03-03T00:00:00.000Z\", \"value\": \"CVE-2011-3544 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-3544\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"CWE-284 Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T19:24:08.395Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2011-10-18T00:00:00.000Z\", \"references\": [{\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947\", \"name\": \"oval:org.mitre.oval:def:13947\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-32.xml\", \"name\": \"GLSA-201406-32\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://secunia.com/advisories/48308\", \"name\": \"48308\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2\", \"name\": \"HPSBUX02730\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html\", \"name\": \"SUSE-SU-2012:0114\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-1455.html\", \"name\": \"RHSA-2013:1455\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2\", \"name\": \"SSRT100710\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-1384.html\", \"name\": \"RHSA-2011:1384\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.securityfocus.com/bid/50218\", \"name\": \"50218\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2\", \"name\": \"SSRT100867\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/70849\", \"name\": \"oracle-jre-scripting-unspecified(70849)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\"]}, {\"url\": \"http://www.securitytracker.com/id?1026215\", \"name\": \"1026215\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-1263-1\", \"name\": \"USN-1263-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2\", \"name\": \"HPSBMU02797\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.ibm.com/developerworks/java/jdk/alerts/\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2018-01-05T18:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947\", \"name\": \"oval:org.mitre.oval:def:13947\", \"refsource\": \"OVAL\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-32.xml\", \"name\": \"GLSA-201406-32\", \"refsource\": \"GENTOO\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2\", \"name\": \"HPSBMU02799\", \"refsource\": \"HP\"}, {\"url\": \"http://secunia.com/advisories/48308\", \"name\": \"48308\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2\", \"name\": \"HPSBUX02730\", \"refsource\": \"HP\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html\", \"name\": \"SUSE-SU-2012:0114\", \"refsource\": \"SUSE\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-1455.html\", \"name\": \"RHSA-2013:1455\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2\", \"name\": \"SSRT100710\", \"refsource\": \"HP\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-1384.html\", \"name\": \"RHSA-2011:1384\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.securityfocus.com/bid/50218\", \"name\": \"50218\", \"refsource\": \"BID\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2\", \"name\": \"SSRT100867\", \"refsource\": \"HP\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/70849\", \"name\": \"oracle-jre-scripting-unspecified(70849)\", \"refsource\": \"XF\"}, {\"url\": \"http://www.securitytracker.com/id?1026215\", \"name\": \"1026215\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1263-1\", \"name\": \"USN-1263-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2\", \"name\": \"HPSBMU02797\", \"refsource\": \"HP\"}, {\"url\": \"http://www.ibm.com/developerworks/java/jdk/alerts/\", \"name\": \"http://www.ibm.com/developerworks/java/jdk/alerts/\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2011-3544\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2011-3544\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-22T00:05:49.147Z\", \"dateReserved\": \"2011-09-16T00:00:00.000Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2011-10-19T21:00:00.000Z\", \"assignerShortName\": \"oracle\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2011-3544

Vulnerability from fkie_nvd - Published: 2011-10-19 21:55 - Updated: 2025-10-22 01:15

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=132750579901589&w=2	Mailing List
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=134254866602253&w=2	Mailing List
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Mailing List
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
secalert_us@oracle.com	http://secunia.com/advisories/48308	Broken Link
secalert_us@oracle.com	http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
secalert_us@oracle.com	http://www.ibm.com/developerworks/java/jdk/alerts/	Product
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.redhat.com/support/errata/RHSA-2011-1384.html	Broken Link
secalert_us@oracle.com	http://www.securityfocus.com/bid/50218	Broken Link, Third Party Advisory, VDB Entry
secalert_us@oracle.com	http://www.securitytracker.com/id?1026215	Broken Link, Third Party Advisory, VDB Entry
secalert_us@oracle.com	http://www.ubuntu.com/usn/USN-1263-1	Third Party Advisory
secalert_us@oracle.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/70849	Third Party Advisory, VDB Entry
secalert_us@oracle.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=132750579901589&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=134254866602253&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48308	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/developerworks/java/jdk/alerts/	Product
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2011-1384.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/50218	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1026215	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1263-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/70849	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947	Broken Link
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-3544

Impacted products

Vendor	Product	Version
oracle	jdk	*
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jre	*
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	10.10
canonical	ubuntu_linux	11.04
canonical	ubuntu_linux	11.10
redhat	satellite_with_embedded_oracle	5.4
suse	linux_enterprise_java	10
suse	linux_enterprise_server	10

JSON

To clipboard

{
  "cisaActionDue": "2022-03-24",
  "cisaExploitAdd": "2022-03-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD1AF818-452D-46FE-BD02-05E2E94DDE30",
              "versionEndExcluding": "1.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "4A420DA5-1346-446B-8D23-E1E6DDBE527E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B8CA8719-7ABE-4279-B49E-C414794A4FE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "DC92B7EC-849F-4255-9D55-43681B8DADC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "2ABC1045-7D3D-4A14-B994-7E60A4BB4C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*",
              "matchCriteriaId": "1F3C1E65-929A-4468-8584-F086E6E59839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "42C95C1D-0C2E-4733-AB1B-65650D88995D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*",
              "matchCriteriaId": "47A9F499-D1E3-41BD-AC18-E8D3D3231C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "D45B0D7E-BA0F-4AAA-A7BA-2ADA4CC90D94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update16:*:*:*:*:*:*",
              "matchCriteriaId": "D58A3E4F-2409-440A-891E-0B84D79AB480",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "3FC2226B-CFEF-48A4-83EA-1F59F4AF7528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update18:*:*:*:*:*:*",
              "matchCriteriaId": "F29DC78F-4D02-47B4-A955-32080B22356C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update19:*:*:*:*:*:*",
              "matchCriteriaId": "81A4204E-6F50-45FB-A343-7A30C0CD6D3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D6E07069-D6EE-4D44-94A6-CDCA4A50E6F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update20:*:*:*:*:*:*",
              "matchCriteriaId": "4B151882-47C0-400E-BBAB-A949E6140C86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "6DB4F19E-DFC4-42F4-87B9-32FB1C496649",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "ACABC935-5DD6-4F85-992E-70AD517EF41D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7_b32:*:*:*:*:*:*",
              "matchCriteriaId": "270DE3F5-C51F-4E62-B532-7773BCF8CC7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9_b31:*:*:*:*:*:*",
              "matchCriteriaId": "5ED1BA76-BCA4-483F-B238-39FA792984BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9_b32:*:*:*:*:*:*",
              "matchCriteriaId": "D450D249-DD3B-435F-B006-C44A215A3DC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD9FCDEB-2854-42FF-8BF4-A50890B3F08F",
              "versionEndExcluding": "1.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "EB864346-1429-46B5-A91E-A1126C486421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F199B346-B95E-4DCA-B750-148A36D559BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "1714BDEF-6B0E-42BB-9510-3F9B52E170BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update12:*:*:*:*:*:*",
              "matchCriteriaId": "830A3A51-F17A-4C61-8F5C-6A4582A64DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "9DE0E496-719D-4CEF-837F-B060A898099F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update14:*:*:*:*:*:*",
              "matchCriteriaId": "3B02F361-0C64-4CB8-8DAD-A63F1A9CC025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "FD4CC3E2-7BEA-4D8C-811C-C5012327A9AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update16:*:*:*:*:*:*",
              "matchCriteriaId": "9F63A8AC-893D-4D75-B467-85E70B62541D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "D7823AE6-CB18-47DE-8A4F-1F98394B7237",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update18:*:*:*:*:*:*",
              "matchCriteriaId": "381EFA43-DB73-48EA-A4B1-F451EF60D845",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update19:*:*:*:*:*:*",
              "matchCriteriaId": "77C54E00-0197-4C87-9BFF-01A099AC3006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "64AD6007-EB92-4D0E-A0CB-8FFDDB61AA6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update20:*:*:*:*:*:*",
              "matchCriteriaId": "7415177F-A2FE-47AB-8D92-194A4F6D75C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "52FA600C-08B6-4143-9C72-DB31E489DE3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2752B83A-6DD2-4829-9E4F-42CDDCBC38C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "964CCFD6-316A-48C6-9A6B-7CFD1A1FB027",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "DC8771D7-9531-4A1D-B2DE-FAA7A7549801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "6C59C275-5964-4E5D-BE80-BA4EA34BEA62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "47C1922B-37E8-4009-97C7-B243F6F96704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update8:*:*:*:*:*:*",
              "matchCriteriaId": "68957C57-EC74-4896-B97D-E936DC6AD31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "6B3A8681-3EAC-4D02-811A-5FCCCC7B5635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "DFAA351A-93CD-46A8-A480-CE2783CCD620",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10_b31:*:*:*:*:*:*",
              "matchCriteriaId": "61B7A9E2-14BE-40E3-AF51-1BA6FC612170",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17_b31:*:*:*:*:*:*",
              "matchCriteriaId": "B0228195-41B4-4145-B8A4-7B974456ABA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17_b32:*:*:*:*:*:*",
              "matchCriteriaId": "44F8FB6D-3602-4263-9814-CCB64B8D1926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21_b31:*:*:*:*:*:*",
              "matchCriteriaId": "2D3257E5-17DB-4E02-9A8E-DD0E4D4339DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b33:*:*:*:*:*:*",
              "matchCriteriaId": "3391456D-86B0-457B-83BB-4C74DA0ED634",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b34:*:*:*:*:*:*",
              "matchCriteriaId": "AA88EAC0-FD2D-4B38-8944-D4B6C3BD6FE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b35:*:*:*:*:*:*",
              "matchCriteriaId": "C12DF03E-6E61-41DF-A283-D16AB356B6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7_b32:*:*:*:*:*:*",
              "matchCriteriaId": "CD27AF64-5AA9-40F0-9308-2B4196FE7653",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2A12684-8CB8-49A6-8E06-1E1AE5B43E87",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "3CF5C5B9-2CB9-4CD8-B94F-A674ED909CC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
              "matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente de Java Runtime Environment en Oracle Java SE JDK y JRE v7 y v6 Update 27 y anteriores permite a aplicaciones remotas Java Web Start y applets Java no confiables afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con secuencias de comandos."
    }
  ],
  "id": "CVE-2011-3544",
  "lastModified": "2025-10-22T01:15:41.483",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2011-10-19T21:55:01.097",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/48308"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Product"
      ],
      "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/50218"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1026215"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1263-1"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/48308"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/50218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1026215"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1263-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-3544"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CERTA-2012-AVI-395

Vulnerability from certfr_avis - Published: 2012-07-18 - Updated: 2012-07-18

Plusieurs vulnérabilités ont été corrigées dans HP Network Node Manager i. Elles permettent à un utilisateur malintentionné de provoquer un déni de service à distance et de porter atteinte à l'intégrité et à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	HP Network Node Manager i 9.0x ;
	N/A	N/A	HP Network Node Manager i 9.1x.

References

Title

Publication Time

Tags

Bulletins de sécurité HP c03358587 et c03405642 du 16 juillet 2012	None	vendor-advisory
Bulletin de sécurité HP c03358587 du 16 juillet 2012 :	-	other
Bulletin de sécurité HP c03405642 du 16 juillet 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP Network Node Manager i 9.0x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP Network Node Manager i 9.1x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
    },
    {
      "name": "CVE-2011-3558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3558"
    },
    {
      "name": "CVE-2010-4465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4465"
    },
    {
      "name": "CVE-2010-4470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4470"
    },
    {
      "name": "CVE-2012-0500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0500"
    },
    {
      "name": "CVE-2012-0502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0502"
    },
    {
      "name": "CVE-2010-4473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4473"
    },
    {
      "name": "CVE-2011-3556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3556"
    },
    {
      "name": "CVE-2011-3545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3545"
    },
    {
      "name": "CVE-2010-0090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0090"
    },
    {
      "name": "CVE-2011-3548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3548"
    },
    {
      "name": "CVE-2010-0840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0840"
    },
    {
      "name": "CVE-2011-0864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0864"
    },
    {
      "name": "CVE-2010-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4447"
    },
    {
      "name": "CVE-2011-0868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0868"
    },
    {
      "name": "CVE-2012-0507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0507"
    },
    {
      "name": "CVE-2010-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0846"
    },
    {
      "name": "CVE-2010-1321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1321"
    },
    {
      "name": "CVE-2010-4451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4451"
    },
    {
      "name": "CVE-2009-3871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3871"
    },
    {
      "name": "CVE-2012-0505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0505"
    },
    {
      "name": "CVE-2010-4452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4452"
    },
    {
      "name": "CVE-2010-4467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4467"
    },
    {
      "name": "CVE-2010-3552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3552"
    },
    {
      "name": "CVE-2010-3541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3541"
    },
    {
      "name": "CVE-2011-3554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3554"
    },
    {
      "name": "CVE-2010-4450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4450"
    },
    {
      "name": "CVE-2011-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3555"
    },
    {
      "name": "CVE-2010-3558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3558"
    },
    {
      "name": "CVE-2010-3549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3549"
    },
    {
      "name": "CVE-2009-3867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3867"
    },
    {
      "name": "CVE-2011-0866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0866"
    },
    {
      "name": "CVE-2010-4468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4468"
    },
    {
      "name": "CVE-2010-0844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0844"
    },
    {
      "name": "CVE-2010-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0841"
    },
    {
      "name": "CVE-2010-0845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0845"
    },
    {
      "name": "CVE-2010-3573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3573"
    },
    {
      "name": "CVE-2010-3572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3572"
    },
    {
      "name": "CVE-2010-3559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3559"
    },
    {
      "name": "CVE-2011-3552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3552"
    },
    {
      "name": "CVE-2010-3571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3571"
    },
    {
      "name": "CVE-2012-0499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0499"
    },
    {
      "name": "CVE-2010-0089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0089"
    },
    {
      "name": "CVE-2011-0871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0871"
    },
    {
      "name": "CVE-2010-4422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4422"
    },
    {
      "name": "CVE-2011-3560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3560"
    },
    {
      "name": "CVE-2010-0886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0886"
    },
    {
      "name": "CVE-2010-4448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4448"
    },
    {
      "name": "CVE-2010-4462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4462"
    },
    {
      "name": "CVE-2010-0847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0847"
    },
    {
      "name": "CVE-2010-3566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3566"
    },
    {
      "name": "CVE-2010-3560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3560"
    },
    {
      "name": "CVE-2009-3872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3872"
    },
    {
      "name": "CVE-2011-0786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0786"
    },
    {
      "name": "CVE-2009-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
    },
    {
      "name": "CVE-2011-3544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3544"
    },
    {
      "name": "CVE-2010-3570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3570"
    },
    {
      "name": "CVE-2012-0506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0506"
    },
    {
      "name": "CVE-2011-0802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0802"
    },
    {
      "name": "CVE-2012-0503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0503"
    },
    {
      "name": "CVE-2010-0843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0843"
    },
    {
      "name": "CVE-2010-3563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3563"
    },
    {
      "name": "CVE-2010-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3555"
    },
    {
      "name": "CVE-2010-3556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3556"
    },
    {
      "name": "CVE-2010-0839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0839"
    },
    {
      "name": "CVE-2010-0849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0849"
    },
    {
      "name": "CVE-2011-3561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3561"
    },
    {
      "name": "CVE-2010-4471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4471"
    },
    {
      "name": "CVE-2010-4454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4454"
    },
    {
      "name": "CVE-2011-3551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3551"
    },
    {
      "name": "CVE-2010-0093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0093"
    },
    {
      "name": "CVE-2010-3569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3569"
    },
    {
      "name": "CVE-2010-0848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0848"
    },
    {
      "name": "CVE-2009-3876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3876"
    },
    {
      "name": "CVE-2011-3521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3521"
    },
    {
      "name": "CVE-2011-0862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0862"
    },
    {
      "name": "CVE-2010-4472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4472"
    },
    {
      "name": "CVE-2009-3875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3875"
    },
    {
      "name": "CVE-2011-3563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3563"
    },
    {
      "name": "CVE-2010-4463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4463"
    },
    {
      "name": "CVE-2011-3553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3553"
    },
    {
      "name": "CVE-2010-3562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3562"
    },
    {
      "name": "CVE-2009-3869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3869"
    },
    {
      "name": "CVE-2011-0865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0865"
    },
    {
      "name": "CVE-2010-0092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0092"
    },
    {
      "name": "CVE-2010-3568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3568"
    },
    {
      "name": "CVE-2010-3548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3548"
    },
    {
      "name": "CVE-2010-0085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0085"
    },
    {
      "name": "CVE-2010-0095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0095"
    },
    {
      "name": "CVE-2011-0815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0815"
    },
    {
      "name": "CVE-2011-0817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0817"
    },
    {
      "name": "CVE-2011-0863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0863"
    },
    {
      "name": "CVE-2010-3561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3561"
    },
    {
      "name": "CVE-2010-0091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0091"
    },
    {
      "name": "CVE-2010-4469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4469"
    },
    {
      "name": "CVE-2009-3873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3873"
    },
    {
      "name": "CVE-2012-0497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0497"
    },
    {
      "name": "CVE-2011-0873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0873"
    },
    {
      "name": "CVE-2011-3516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3516"
    },
    {
      "name": "CVE-2011-0814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0814"
    },
    {
      "name": "CVE-2010-4475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4475"
    },
    {
      "name": "CVE-2010-3567",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3567"
    },
    {
      "name": "CVE-2011-0788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0788"
    },
    {
      "name": "CVE-2010-3550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3550"
    },
    {
      "name": "CVE-2011-0869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0869"
    },
    {
      "name": "CVE-2012-0501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0501"
    },
    {
      "name": "CVE-2012-0504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0504"
    },
    {
      "name": "CVE-2010-0084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0084"
    },
    {
      "name": "CVE-2010-4466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4466"
    },
    {
      "name": "CVE-2011-3557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3557"
    },
    {
      "name": "CVE-2010-0887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0887"
    },
    {
      "name": "CVE-2011-0867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0867"
    },
    {
      "name": "CVE-2011-3549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3549"
    },
    {
      "name": "CVE-2010-3557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3557"
    },
    {
      "name": "CVE-2009-3874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3874"
    },
    {
      "name": "CVE-2010-3565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3565"
    },
    {
      "name": "CVE-2010-0088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0088"
    },
    {
      "name": "CVE-2010-0842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0842"
    },
    {
      "name": "CVE-2009-3868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3868"
    },
    {
      "name": "CVE-2010-3574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3574"
    },
    {
      "name": "CVE-2011-3547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3547"
    },
    {
      "name": "CVE-2010-0837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0837"
    },
    {
      "name": "CVE-2010-4474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4474"
    },
    {
      "name": "CVE-2011-3550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3550"
    },
    {
      "name": "CVE-2009-3865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3865"
    },
    {
      "name": "CVE-2011-5035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-5035"
    },
    {
      "name": "CVE-2010-3551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3551"
    },
    {
      "name": "CVE-2010-3554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3554"
    },
    {
      "name": "CVE-2010-0094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0094"
    },
    {
      "name": "CVE-2012-0508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0508"
    },
    {
      "name": "CVE-2010-0082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0082"
    },
    {
      "name": "CVE-2012-0498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0498"
    },
    {
      "name": "CVE-2010-0087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0087"
    },
    {
      "name": "CVE-2011-0872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0872"
    },
    {
      "name": "CVE-2011-3546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3546"
    },
    {
      "name": "CVE-2011-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
    },
    {
      "name": "CVE-2009-3866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3866"
    },
    {
      "name": "CVE-2010-3553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3553"
    },
    {
      "name": "CVE-2010-0838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0838"
    },
    {
      "name": "CVE-2010-0850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0850"
    }
  ],
  "initial_release_date": "2012-07-18T00:00:00",
  "last_revision_date": "2012-07-18T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03358587 du 16 juillet 2012 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03358587"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03405642 du 16 juillet 2012 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03405642"
    }
  ],
  "reference": "CERTA-2012-AVI-395",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-07-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan class=\"textit\"\u003eHP\nNetwork Node Manager i\u003c/span\u003e. Elles permettent \u00e0 un utilisateur\nmalintentionn\u00e9 de provoquer un d\u00e9ni de service \u00e0 distance et de porter\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans HP Network Node Manager i",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 HP c03358587 et c03405642 du 16 juillet 2012",
      "url": null
    }
  ]
}

CERTA-2011-AVI-580

Vulnerability from certfr_avis - Published: 2011-10-20 - Updated: 2012-01-31

Plusieurs vulnérabilités ont été corrigées dans Oracle Java et permettent d'exécuter du code arbitraire à distance.

Description

Plusieurs vulnérabilités ont été corrigées dans Oracle Java. Certaines d'entre elles permettent à une personne malintentionnée d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Oracle JDK et JRE 6 update 27 et versions antérieures ;
Oracle	N/A	Oracle FX 2.0 ;
Oracle	N/A	Oracle JDK et JRE 7 ;
Oracle	N/A	Oracle JDK et JRE 1.4.2_33 et versions antérieures ;
Oracle	N/A	Oracle JDK et JRE 5.0 update 31 et versions antérieures ;
Oracle	N/A	Oracle JRockit R28.1.4 et versions antérieures.

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle du 18 octobre 2011	None	vendor-advisory
Bulletin de sécurité Apple du 08 novembre 2011 :	-	other
Bulletin de sécurité HP du 23 janvier 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle JDK et JRE 6 update 27 et versions ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle FX 2.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle JDK et JRE 7 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle JDK et JRE 1.4.2_33 et versions ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle JDK et JRE 5.0 update 31 et versions ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle JRockit R28.1.4 et versions ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Oracle Java. Certaines\nd\u0027entre elles permettent \u00e0 une personne malintentionn\u00e9e d\u0027ex\u00e9cuter du\ncode arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-3558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3558"
    },
    {
      "name": "CVE-2011-3556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3556"
    },
    {
      "name": "CVE-2011-3545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3545"
    },
    {
      "name": "CVE-2011-3548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3548"
    },
    {
      "name": "CVE-2011-3554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3554"
    },
    {
      "name": "CVE-2011-3555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3555"
    },
    {
      "name": "CVE-2011-3552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3552"
    },
    {
      "name": "CVE-2011-3560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3560"
    },
    {
      "name": "CVE-2011-3544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3544"
    },
    {
      "name": "CVE-2011-3561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3561"
    },
    {
      "name": "CVE-2011-3551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3551"
    },
    {
      "name": "CVE-2011-3521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3521"
    },
    {
      "name": "CVE-2011-3553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3553"
    },
    {
      "name": "CVE-2011-3516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3516"
    },
    {
      "name": "CVE-2011-3557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3557"
    },
    {
      "name": "CVE-2011-3549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3549"
    },
    {
      "name": "CVE-2011-3547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3547"
    },
    {
      "name": "CVE-2011-3550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3550"
    },
    {
      "name": "CVE-2011-3546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3546"
    },
    {
      "name": "CVE-2011-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
    }
  ],
  "initial_release_date": "2011-10-20T00:00:00",
  "last_revision_date": "2012-01-31T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 08 novembre 2011 :",
      "url": "http://support.apple.com/kb/ht5045"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP du 23 janvier 2012\u00a0:",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03122753"
    }
  ],
  "reference": "CERTA-2011-AVI-580",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-10-20T00:00:00.000000"
    },
    {
      "description": "ajout du bulletin de s\u00e9curit\u00e9 Apple.",
      "revision_date": "2011-11-10T00:00:00.000000"
    },
    {
      "description": "ajout du bulletin de s\u00e9curit\u00e9 HP.",
      "revision_date": "2012-01-31T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Oracle Java et\npermettent d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Java",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 18 octobre 2011",
      "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
    }
  ]
}

CERTFR-2017-AVI-228

Vulnerability from certfr_avis - Published: 2017-07-19 - Updated: 2017-07-19

De multiples vulnérabilités ont été corrigées dans SCADA Schneider Electric Trio TView. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Trio TView Software, TBUMPROG-TVIEW versions 3.27.0 et antérieures

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider Electric SEVD-2017-199-01 du 18 juillet 2017	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2017-199-01 du 18 juillet 2017	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eTrio TView Software, TBUMPROG-TVIEW versions 3.27.0 et  ant\u00e9rieures\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-0494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0494"
    },
    {
      "name": "CVE-2014-6492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6492"
    },
    {
      "name": "CVE-2013-2472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2472"
    },
    {
      "name": "CVE-2016-0448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0448"
    },
    {
      "name": "CVE-2013-1563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1563"
    },
    {
      "name": "CVE-2014-0458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0458"
    },
    {
      "name": "CVE-2014-4219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4219"
    },
    {
      "name": "CVE-2016-0687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0687"
    },
    {
      "name": "CVE-2013-5818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5818"
    },
    {
      "name": "CVE-2014-6512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6512"
    },
    {
      "name": "CVE-2014-0460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0460"
    },
    {
      "name": "CVE-2014-0417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0417"
    },
    {
      "name": "CVE-2014-6531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6531"
    },
    {
      "name": "CVE-2012-1722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1722"
    },
    {
      "name": "CVE-2011-3558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3558"
    },
    {
      "name": "CVE-2013-1481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1481"
    },
    {
      "name": "CVE-2014-2427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2427"
    },
    {
      "name": "CVE-2014-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2398"
    },
    {
      "name": "CVE-2013-2420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2420"
    },
    {
      "name": "CVE-2013-1518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1518"
    },
    {
      "name": "CVE-2015-0383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0383"
    },
    {
      "name": "CVE-2012-1719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1719"
    },
    {
      "name": "CVE-2013-5819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5819"
    },
    {
      "name": "CVE-2012-0500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0500"
    },
    {
      "name": "CVE-2013-5910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5910"
    },
    {
      "name": "CVE-2014-6593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6593"
    },
    {
      "name": "CVE-2014-4216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4216"
    },
    {
      "name": "CVE-2012-0502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0502"
    },
    {
      "name": "CVE-2012-3159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3159"
    },
    {
      "name": "CVE-2013-2466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2466"
    },
    {
      "name": "CVE-2011-3556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3556"
    },
    {
      "name": "CVE-2012-1533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1533"
    },
    {
      "name": "CVE-2012-1531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1531"
    },
    {
      "name": "CVE-2013-2473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2473"
    },
    {
      "name": "CVE-2012-3216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3216"
    },
    {
      "name": "CVE-2014-6458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6458"
    },
    {
      "name": "CVE-2015-2628",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2628"
    },
    {
      "name": "CVE-2011-3545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3545"
    },
    {
      "name": "CVE-2011-3548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3548"
    },
    {
      "name": "CVE-2013-5823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5823"
    },
    {
      "name": "CVE-2013-2445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2445"
    },
    {
      "name": "CVE-2014-0446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0446"
    },
    {
      "name": "CVE-2014-6457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6457"
    },
    {
      "name": "CVE-2013-1557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1557"
    },
    {
      "name": "CVE-2014-2421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2421"
    },
    {
      "name": "CVE-2015-0469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0469"
    },
    {
      "name": "CVE-2013-1500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1500"
    },
    {
      "name": "CVE-2013-2464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2464"
    },
    {
      "name": "CVE-2013-0426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0426"
    },
    {
      "name": "CVE-2012-5081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5081"
    },
    {
      "name": "CVE-2013-2443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2443"
    },
    {
      "name": "CVE-2012-0507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0507"
    },
    {
      "name": "CVE-2014-2423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2423"
    },
    {
      "name": "CVE-2013-2459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2459"
    },
    {
      "name": "CVE-2013-2442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2442"
    },
    {
      "name": "CVE-2015-0408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0408"
    },
    {
      "name": "CVE-2013-2457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2457"
    },
    {
      "name": "CVE-2014-4265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4265"
    },
    {
      "name": "CVE-2013-2468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2468"
    },
    {
      "name": "CVE-2013-5803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5803"
    },
    {
      "name": "CVE-2016-5554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5554"
    },
    {
      "name": "CVE-2013-1571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1571"
    },
    {
      "name": "CVE-2014-2401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2401"
    },
    {
      "name": "CVE-2012-3213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3213"
    },
    {
      "name": "CVE-2012-5083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5083"
    },
    {
      "name": "CVE-2013-0446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0446"
    },
    {
      "name": "CVE-2015-4749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4749"
    },
    {
      "name": "CVE-2012-0505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0505"
    },
    {
      "name": "CVE-2013-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1473"
    },
    {
      "name": "CVE-2016-0483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0483"
    },
    {
      "name": "CVE-2015-4903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4903"
    },
    {
      "name": "CVE-2015-0410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0410"
    },
    {
      "name": "CVE-2015-2632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2632"
    },
    {
      "name": "CVE-2014-0403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0403"
    },
    {
      "name": "CVE-2015-0400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0400"
    },
    {
      "name": "CVE-2012-1721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1721"
    },
    {
      "name": "CVE-2013-2419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2419"
    },
    {
      "name": "CVE-2015-2637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2637"
    },
    {
      "name": "CVE-2014-4218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4218"
    },
    {
      "name": "CVE-2011-3554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3554"
    },
    {
      "name": "CVE-2016-3550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3550"
    },
    {
      "name": "CVE-2013-5843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5843"
    },
    {
      "name": "CVE-2013-2463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2463"
    },
    {
      "name": "CVE-2012-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1720"
    },
    {
      "name": "CVE-2014-4288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4288"
    },
    {
      "name": "CVE-2014-6511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6511"
    },
    {
      "name": "CVE-2015-4872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4872"
    },
    {
      "name": "CVE-2015-0459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0459"
    },
    {
      "name": "CVE-2013-2444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2444"
    },
    {
      "name": "CVE-2013-2446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2446"
    },
    {
      "name": "CVE-2012-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1724"
    },
    {
      "name": "CVE-2012-5077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5077"
    },
    {
      "name": "CVE-2015-4860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4860"
    },
    {
      "name": "CVE-2014-6532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6532"
    },
    {
      "name": "CVE-2013-5814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5814"
    },
    {
      "name": "CVE-2012-1718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1718"
    },
    {
      "name": "CVE-2014-2428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2428"
    },
    {
      "name": "CVE-2012-5072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5072"
    },
    {
      "name": "CVE-2016-0695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0695"
    },
    {
      "name": "CVE-2016-3485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3485"
    },
    {
      "name": "CVE-2013-2454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2454"
    },
    {
      "name": "CVE-2013-1475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1475"
    },
    {
      "name": "CVE-2012-5079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5079"
    },
    {
      "name": "CVE-2014-6513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6513"
    },
    {
      "name": "CVE-2013-5778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5778"
    },
    {
      "name": "CVE-2014-0411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0411"
    },
    {
      "name": "CVE-2012-1723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1723"
    },
    {
      "name": "CVE-2016-3427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3427"
    },
    {
      "name": "CVE-2015-0458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0458"
    },
    {
      "name": "CVE-2013-2461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2461"
    },
    {
      "name": "CVE-2015-4902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4902"
    },
    {
      "name": "CVE-2012-5075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5075"
    },
    {
      "name": "CVE-2013-1493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1493"
    },
    {
      "name": "CVE-2013-5776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5776"
    },
    {
      "name": "CVE-2012-5071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5071"
    },
    {
      "name": "CVE-2014-6493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6493"
    },
    {
      "name": "CVE-2015-4806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4806"
    },
    {
      "name": "CVE-2011-3552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3552"
    },
    {
      "name": "CVE-2015-2590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2590"
    },
    {
      "name": "CVE-2013-2435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2435"
    },
    {
      "name": "CVE-2014-6517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6517"
    },
    {
      "name": "CVE-2012-5086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5086"
    },
    {
      "name": "CVE-2012-5920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5920"
    },
    {
      "name": "CVE-2016-3458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3458"
    },
    {
      "name": "CVE-2012-0499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0499"
    },
    {
      "name": "CVE-2013-4204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4204"
    },
    {
      "name": "CVE-2015-0492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0492"
    },
    {
      "name": "CVE-2014-0429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0429"
    },
    {
      "name": "CVE-2013-0443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0443"
    },
    {
      "name": "CVE-2014-0424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0424"
    },
    {
      "name": "CVE-2013-5801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5801"
    },
    {
      "name": "CVE-2014-0422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0422"
    },
    {
      "name": "CVE-2013-2440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2440"
    },
    {
      "name": "CVE-2015-4844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4844"
    },
    {
      "name": "CVE-2013-5884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5884"
    },
    {
      "name": "CVE-2015-4760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4760"
    },
    {
      "name": "CVE-2015-4893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4893"
    },
    {
      "name": "CVE-2013-0409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0409"
    },
    {
      "name": "CVE-2016-0686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0686"
    },
    {
      "name": "CVE-2011-3560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3560"
    },
    {
      "name": "CVE-2014-6601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6601"
    },
    {
      "name": "CVE-2014-2420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2420"
    },
    {
      "name": "CVE-2015-4000",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4000"
    },
    {
      "name": "CVE-2015-0406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0406"
    },
    {
      "name": "CVE-2015-4882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4882"
    },
    {
      "name": "CVE-2013-2455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2455"
    },
    {
      "name": "CVE-2013-5832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5832"
    },
    {
      "name": "CVE-2015-2627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2627"
    },
    {
      "name": "CVE-2013-2429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2429"
    },
    {
      "name": "CVE-2011-3544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3544"
    },
    {
      "name": "CVE-2013-5907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5907"
    },
    {
      "name": "CVE-2015-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4911"
    },
    {
      "name": "CVE-2014-6503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6503"
    },
    {
      "name": "CVE-2015-0407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0407"
    },
    {
      "name": "CVE-2012-0506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0506"
    },
    {
      "name": "CVE-2013-5784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5784"
    },
    {
      "name": "CVE-2013-5898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5898"
    },
    {
      "name": "CVE-2014-2403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2403"
    },
    {
      "name": "CVE-2015-4731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4731"
    },
    {
      "name": "CVE-2015-2621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2621"
    },
    {
      "name": "CVE-2014-0387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0387"
    },
    {
      "name": "CVE-2013-0442",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0442"
    },
    {
      "name": "CVE-2015-0460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0460"
    },
    {
      "name": "CVE-2012-3342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3342"
    },
    {
      "name": "CVE-2013-5782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5782"
    },
    {
      "name": "CVE-2016-5542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5542"
    },
    {
      "name": "CVE-2015-4732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4732"
    },
    {
      "name": "CVE-2015-0395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0395"
    },
    {
      "name": "CVE-2013-2453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2453"
    },
    {
      "name": "CVE-2012-0503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0503"
    },
    {
      "name": "CVE-2013-2418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2418"
    },
    {
      "name": "CVE-2013-1476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1476"
    },
    {
      "name": "CVE-2013-1479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1479"
    },
    {
      "name": "CVE-2013-5790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5790"
    },
    {
      "name": "CVE-2013-0434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0434"
    },
    {
      "name": "CVE-2014-6466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6466"
    },
    {
      "name": "CVE-2014-4262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4262"
    },
    {
      "name": "CVE-2014-0453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0453"
    },
    {
      "name": "CVE-2014-2414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2414"
    },
    {
      "name": "CVE-2012-1716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1716"
    },
    {
      "name": "CVE-2011-3561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3561"
    },
    {
      "name": "CVE-2013-0429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0429"
    },
    {
      "name": "CVE-2016-3449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3449"
    },
    {
      "name": "CVE-2013-5802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5802"
    },
    {
      "name": "CVE-2015-4881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4881"
    },
    {
      "name": "CVE-2011-3551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3551"
    },
    {
      "name": "CVE-2013-5820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5820"
    },
    {
      "name": "CVE-2013-5849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5849"
    },
    {
      "name": "CVE-2013-5842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5842"
    },
    {
      "name": "CVE-2013-0445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0445"
    },
    {
      "name": "CVE-2012-5073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5073"
    },
    {
      "name": "CVE-2014-0423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0423"
    },
    {
      "name": "CVE-2013-0438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0438"
    },
    {
      "name": "CVE-2014-0410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0410"
    },
    {
      "name": "CVE-2011-3521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3521"
    },
    {
      "name": "CVE-2012-1711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1711"
    },
    {
      "name": "CVE-2016-3425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3425"
    },
    {
      "name": "CVE-2013-5888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5888"
    },
    {
      "name": "CVE-2013-0427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0427"
    },
    {
      "name": "CVE-2015-4883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4883"
    },
    {
      "name": "CVE-2013-5772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5772"
    },
    {
      "name": "CVE-2013-2470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2470"
    },
    {
      "name": "CVE-2015-0403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0403"
    },
    {
      "name": "CVE-2014-2409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2409"
    },
    {
      "name": "CVE-2012-5084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5084"
    },
    {
      "name": "CVE-2014-0376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0376"
    },
    {
      "name": "CVE-2013-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5889"
    },
    {
      "name": "CVE-2014-4252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4252"
    },
    {
      "name": "CVE-2016-3443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3443"
    },
    {
      "name": "CVE-2014-6591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6591"
    },
    {
      "name": "CVE-2014-0416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0416"
    },
    {
      "name": "CVE-2014-4209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4209"
    },
    {
      "name": "CVE-2011-3563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3563"
    },
    {
      "name": "CVE-2011-3553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3553"
    },
    {
      "name": "CVE-2016-3508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3508"
    },
    {
      "name": "CVE-2015-4843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4843"
    },
    {
      "name": "CVE-2013-0440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0440"
    },
    {
      "name": "CVE-2013-3829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3829"
    },
    {
      "name": "CVE-2015-2638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2638"
    },
    {
      "name": "CVE-2012-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1725"
    },
    {
      "name": "CVE-2013-2430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2430"
    },
    {
      "name": "CVE-2016-0402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0402"
    },
    {
      "name": "CVE-2013-2450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2450"
    },
    {
      "name": "CVE-2013-5850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5850"
    },
    {
      "name": "CVE-2014-4263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4263"
    },
    {
      "name": "CVE-2013-5804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5804"
    },
    {
      "name": "CVE-2013-1486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1486"
    },
    {
      "name": "CVE-2013-5787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5787"
    },
    {
      "name": "CVE-2013-5780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5780"
    },
    {
      "name": "CVE-2013-0450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0450"
    },
    {
      "name": "CVE-2012-5089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5089"
    },
    {
      "name": "CVE-2013-0428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0428"
    },
    {
      "name": "CVE-2012-0547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0547"
    },
    {
      "name": "CVE-2013-2448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2448"
    },
    {
      "name": "CVE-2012-3143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3143"
    },
    {
      "name": "CVE-2013-2432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2432"
    },
    {
      "name": "CVE-2013-2439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2439"
    },
    {
      "name": "CVE-2013-2422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2422"
    },
    {
      "name": "CVE-2013-5797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5797"
    },
    {
      "name": "CVE-2015-2664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2664"
    },
    {
      "name": "CVE-2015-2625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2625"
    },
    {
      "name": "CVE-2016-5582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5582"
    },
    {
      "name": "CVE-2013-5840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5840"
    },
    {
      "name": "CVE-2012-4681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4681"
    },
    {
      "name": "CVE-2013-5899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5899"
    },
    {
      "name": "CVE-2013-2451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2451"
    },
    {
      "name": "CVE-2013-2469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2469"
    },
    {
      "name": "CVE-2013-2437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2437"
    },
    {
      "name": "CVE-2015-4835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4835"
    },
    {
      "name": "CVE-2015-0478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0478"
    },
    {
      "name": "CVE-2014-6558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6558"
    },
    {
      "name": "CVE-2013-5852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5852"
    },
    {
      "name": "CVE-2012-1717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1717"
    },
    {
      "name": "CVE-2014-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4227"
    },
    {
      "name": "CVE-2015-4733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4733"
    },
    {
      "name": "CVE-2014-6506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6506"
    },
    {
      "name": "CVE-2014-0107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0107"
    },
    {
      "name": "CVE-2014-6504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6504"
    },
    {
      "name": "CVE-2013-5824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5824"
    },
    {
      "name": "CVE-2014-6515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6515"
    },
    {
      "name": "CVE-2013-2384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2384"
    },
    {
      "name": "CVE-2013-5829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5829"
    },
    {
      "name": "CVE-2012-0497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0497"
    },
    {
      "name": "CVE-2013-2407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2407"
    },
    {
      "name": "CVE-2013-2383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2383"
    },
    {
      "name": "CVE-2013-0430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0430"
    },
    {
      "name": "CVE-2013-1487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1487"
    },
    {
      "name": "CVE-2012-1541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1541"
    },
    {
      "name": "CVE-2011-3516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3516"
    },
    {
      "name": "CVE-2014-6585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6585"
    },
    {
      "name": "CVE-2013-5878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5878"
    },
    {
      "name": "CVE-2013-5817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5817"
    },
    {
      "name": "CVE-2015-0491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0491"
    },
    {
      "name": "CVE-2016-3422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3422"
    },
    {
      "name": "CVE-2013-2424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2424"
    },
    {
      "name": "CVE-2012-0501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0501"
    },
    {
      "name": "CVE-2013-1478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1478"
    },
    {
      "name": "CVE-2013-5774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5774"
    },
    {
      "name": "CVE-2013-2452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2452"
    },
    {
      "name": "CVE-2016-5573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5573"
    },
    {
      "name": "CVE-2013-5789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5789"
    },
    {
      "name": "CVE-2012-0504",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0504"
    },
    {
      "name": "CVE-2013-1558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1558"
    },
    {
      "name": "CVE-2013-0809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0809"
    },
    {
      "name": "CVE-2014-0457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0457"
    },
    {
      "name": "CVE-2013-5906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5906"
    },
    {
      "name": "CVE-2013-2417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2417"
    },
    {
      "name": "CVE-2015-0412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0412"
    },
    {
      "name": "CVE-2013-0423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0423"
    },
    {
      "name": "CVE-2014-4244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4244"
    },
    {
      "name": "CVE-2011-3557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3557"
    },
    {
      "name": "CVE-2014-0373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0373"
    },
    {
      "name": "CVE-2013-2471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2471"
    },
    {
      "name": "CVE-2013-5812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5812"
    },
    {
      "name": "CVE-2013-5905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5905"
    },
    {
      "name": "CVE-2014-0451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0451"
    },
    {
      "name": "CVE-2011-3549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3549"
    },
    {
      "name": "CVE-2014-0418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0418"
    },
    {
      "name": "CVE-2012-5069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5069"
    },
    {
      "name": "CVE-2013-0419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0419"
    },
    {
      "name": "CVE-2013-0425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0425"
    },
    {
      "name": "CVE-2012-5068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5068"
    },
    {
      "name": "CVE-2014-0415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0415"
    },
    {
      "name": "CVE-2014-0428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0428"
    },
    {
      "name": "CVE-2013-0351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0351"
    },
    {
      "name": "CVE-2015-4803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4803"
    },
    {
      "name": "CVE-2013-1569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1569"
    },
    {
      "name": "CVE-2012-4416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4416"
    },
    {
      "name": "CVE-2014-0375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0375"
    },
    {
      "name": "CVE-2013-5831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5831"
    },
    {
      "name": "CVE-2014-0449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0449"
    },
    {
      "name": "CVE-2016-5597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5597"
    },
    {
      "name": "CVE-2013-5809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5809"
    },
    {
      "name": "CVE-2014-4268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4268"
    },
    {
      "name": "CVE-2013-0441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0441"
    },
    {
      "name": "CVE-2016-5568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5568"
    },
    {
      "name": "CVE-2015-0480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0480"
    },
    {
      "name": "CVE-2012-5085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5085"
    },
    {
      "name": "CVE-2013-0432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0432"
    },
    {
      "name": "CVE-2013-0424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0424"
    },
    {
      "name": "CVE-2013-0435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0435"
    },
    {
      "name": "CVE-2013-1540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1540"
    },
    {
      "name": "CVE-2014-8152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8152"
    },
    {
      "name": "CVE-2013-2465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2465"
    },
    {
      "name": "CVE-2014-6587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6587"
    },
    {
      "name": "CVE-2013-2456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2456"
    },
    {
      "name": "CVE-2013-0433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0433"
    },
    {
      "name": "CVE-2013-2433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2433"
    },
    {
      "name": "CVE-2014-2412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2412"
    },
    {
      "name": "CVE-2015-4842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4842"
    },
    {
      "name": "CVE-2014-0368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0368"
    },
    {
      "name": "CVE-2014-0461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0461"
    },
    {
      "name": "CVE-2011-3547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3547"
    },
    {
      "name": "CVE-2012-1532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1532"
    },
    {
      "name": "CVE-2013-2394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2394"
    },
    {
      "name": "CVE-2012-0551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0551"
    },
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    },
    {
      "name": "CVE-2015-2601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2601"
    },
    {
      "name": "CVE-2013-5887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5887"
    },
    {
      "name": "CVE-2013-5825",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5825"
    },
    {
      "name": "CVE-2015-0477",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0477"
    },
    {
      "name": "CVE-2011-3550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3550"
    },
    {
      "name": "CVE-2013-1537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1537"
    },
    {
      "name": "CVE-2015-4748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4748"
    },
    {
      "name": "CVE-2016-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0466"
    },
    {
      "name": "CVE-2016-5556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5556"
    },
    {
      "name": "CVE-2016-0603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0603"
    },
    {
      "name": "CVE-2013-5783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5783"
    },
    {
      "name": "CVE-2013-5902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5902"
    },
    {
      "name": "CVE-2016-3503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3503"
    },
    {
      "name": "CVE-2013-5896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5896"
    },
    {
      "name": "CVE-2012-0498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0498"
    },
    {
      "name": "CVE-2011-3546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3546"
    },
    {
      "name": "CVE-2013-2447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2447"
    },
    {
      "name": "CVE-2013-5830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5830"
    },
    {
      "name": "CVE-2014-0452",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0452"
    },
    {
      "name": "CVE-2015-4734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4734"
    },
    {
      "name": "CVE-2013-3743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3743"
    },
    {
      "name": "CVE-2016-3500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3500"
    },
    {
      "name": "CVE-2013-1480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1480"
    },
    {
      "name": "CVE-2015-0488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0488"
    },
    {
      "name": "CVE-2013-2412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2412"
    },
    {
      "name": "CVE-2015-4805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4805"
    }
  ],
  "initial_release_date": "2017-07-19T00:00:00",
  "last_revision_date": "2017-07-19T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2017-199-01 du    18 juillet 2017",
      "url": "http://www.schneider-electric.com/en/download/document/SEVD-2017-199-01/"
    }
  ],
  "reference": "CERTFR-2017-AVI-228",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-07-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eSCADA Schneider Electric Trio TView\u003c/span\u003e. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0\ndistance et un d\u00e9ni de service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans SCADA Schneider Electric Trio TView",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2017-199-01 du 18 juillet 2017",
      "url": null
    }
  ]
}

GSD-2011-3544

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-3544

Aliases

CVE-2011-3544

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-3544",
    "description": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.",
    "id": "GSD-2011-3544",
    "references": [
      "https://www.suse.com/security/cve/CVE-2011-3544.html",
      "https://www.debian.org/security/2011/dsa-2358",
      "https://www.debian.org/security/2011/dsa-2356",
      "https://access.redhat.com/errata/RHSA-2013:1455",
      "https://access.redhat.com/errata/RHSA-2012:1467",
      "https://access.redhat.com/errata/RHSA-2012:0034",
      "https://access.redhat.com/errata/RHSA-2011:1384",
      "https://access.redhat.com/errata/RHSA-2011:1380",
      "https://alas.aws.amazon.com/cve/html/CVE-2011-3544.html",
      "https://linux.oracle.com/cve/CVE-2011-3544.html",
      "https://packetstormsecurity.com/files/cve/CVE-2011-3544"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-3544"
      ],
      "details": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.",
      "id": "GSD-2011-3544",
      "modified": "2023-12-13T01:19:10.285362Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2011-3544",
      "dateAdded": "2022-03-03",
      "dueDate": "2022-03-24",
      "product": "Java SE JDK and JRE",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle\u0027s Java Runtime Environment allows an attacker to remotely execute arbitrary code.",
      "vendorProject": "Oracle",
      "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2011-3544",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "oval:org.mitre.oval:def:13947",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
          },
          {
            "name": "GLSA-201406-32",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "HPSBMU02799",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
          },
          {
            "name": "48308",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/48308"
          },
          {
            "name": "HPSBUX02730",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
          },
          {
            "name": "SUSE-SU-2012:0114",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
          },
          {
            "name": "RHSA-2013:1455",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "SSRT100710",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
          },
          {
            "name": "RHSA-2011:1384",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
          },
          {
            "name": "50218",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/50218"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
          },
          {
            "name": "SSRT100867",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          },
          {
            "name": "oracle-jre-scripting-unspecified(70849)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
          },
          {
            "name": "1026215",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1026215"
          },
          {
            "name": "USN-1263-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1263-1"
          },
          {
            "name": "HPSBMU02797",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          },
          {
            "name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
            "refsource": "CONFIRM",
            "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_23:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_24:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_25:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:*:update_27:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_25:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_23:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_24:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_26:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jdk:*:update_27:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_26:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2011-3544"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
            },
            {
              "name": "RHSA-2011:1384",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
            },
            {
              "name": "50218",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/50218"
            },
            {
              "name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
            },
            {
              "name": "HPSBUX02730",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
            },
            {
              "name": "SUSE-SU-2012:0114",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
            },
            {
              "name": "1026215",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1026215"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "USN-1263-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-1263-1"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "SSRT100867",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            },
            {
              "name": "oracle-jre-scripting-unspecified(70849)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
            },
            {
              "name": "oval:org.mitre.oval:def:13947",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
            },
            {
              "name": "HPSBMU02799",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
            },
            {
              "name": "48308",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/48308"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-01-06T02:29Z",
      "publishedDate": "2011-10-19T21:55Z"
    }
  }
}

CVE-2011-3544

Vulnerability from fstec - Published: 18.10.2011

Title

Уязвимость компонента Scripting программной платформы Java Runtime Environment и средства разработки приложений Java Development Kit, позволяющая нарушителю оказать влияние на целостность, доступность и конфиденциальность защищаемой информации

Description

Уязвимость компонента Scripting программной платформы Java Runtime Environment и средства разработки приложений Java Development Kit связана с недостаточной защитой служебных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, оказать влияние на целостность, доступность и конфиденциальность защищаемой информации

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Vendor

Canonical Ltd., Novell Inc., Oracle Corp.

Software Name

Ubuntu, Suse Linux Enterprise Server, Java Development Kit, Java Runtime Environment

Software Version

10.10 (Ubuntu), 11.10 (Ubuntu), 11.04 (Ubuntu), 10.04 (Ubuntu), 10 SP4 (Suse Linux Enterprise Server), до 6 Update 27 включительно (Java Development Kit), 7 (Java Development Kit), до 6 Update 27 включительно (Java Runtime Environment), 7 (Java Runtime Environment)

Possible Mitigations

Использование рекомендаций: Для программных продуктов Oracle: https://www.oracle.com/security-alerts/javacpuoct2011.html Для программных продуктов Novell Inc.: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KBN7NWQPMOF6XXC7TR7VK2OVNLYU56DQ/ Для Ubuntu: https://ubuntu.com/security/notices/USN-1263-1

Reference

http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html http://marc.info/?l=bugtraq&m=132750579901589&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/48308 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.ibm.com/developerworks/java/jdk/alerts/ http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://www.redhat.com/support/errata/RHSA-2011-1384.html http://www.securityfocus.com/bid/50218 http://www.securitytracker.com/id?1026215 http://www.ubuntu.com/usn/USN-1263-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/70849 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947 https://www.cisa.gov/known-exploited-vulnerabilities-catalog https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv

CWE

CWE-200

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., Novell Inc., Oracle Corp.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "10.10 (Ubuntu), 11.10 (Ubuntu), 11.04 (Ubuntu), 10.04 (Ubuntu), 10 SP4 (Suse Linux Enterprise Server), \u0434\u043e 6 Update 27 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Java Development Kit), 7 (Java Development Kit), \u0434\u043e 6 Update 27 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Java Runtime Environment), 7 (Java Runtime Environment)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Oracle:\nhttps://www.oracle.com/security-alerts/javacpuoct2011.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KBN7NWQPMOF6XXC7TR7VK2OVNLYU56DQ/\n\n\u0414\u043b\u044f Ubuntu:\nhttps://ubuntu.com/security/notices/USN-1263-1",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "18.10.2011",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "06.07.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-04098",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2011-3544",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Suse Linux Enterprise Server, Java Development Kit, Java Runtime Environment",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 10.10 , Canonical Ltd. Ubuntu 11.10 , Canonical Ltd. Ubuntu 11.04 , Canonical Ltd. Ubuntu 10.04 , Novell Inc. Suse Linux Enterprise Server 10 SP4 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Scripting \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Java Runtime Environment \u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Java Development Kit, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043d\u0430 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CWE-200)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Scripting \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Java Runtime Environment \u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Java Development Kit \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043d\u0430 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html \nhttp://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2 \nhttp://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2 \nhttp://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2 \nhttp://rhn.redhat.com/errata/RHSA-2013-1455.html \nhttp://secunia.com/advisories/48308 \nhttp://security.gentoo.org/glsa/glsa-201406-32.xml \nhttp://www.ibm.com/developerworks/java/jdk/alerts/ \nhttp://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html \nhttp://www.redhat.com/support/errata/RHSA-2011-1384.html \nhttp://www.securityfocus.com/bid/50218 \nhttp://www.securitytracker.com/id?1026215 \nhttp://www.ubuntu.com/usn/USN-1263-1 \nhttps://exchange.xforce.ibmcloud.com/vulnerabilities/70849 \nhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog\nhttps://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438/\u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-200",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)"
}

GHSA-25JQ-3VH4-PGV4

Vulnerability from github – Published: 2022-05-14 03:53 – Updated: 2025-10-22 03:30

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-3544"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-10-19T21:55:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.",
  "id": "GHSA-25jq-3vh4-pgv4",
  "modified": "2025-10-22T03:30:30Z",
  "published": "2022-05-14T03:53:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3544"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-3544"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48308"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.ibm.com/developerworks/java/jdk/alerts"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/50218"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1026215"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1263-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-3544 (GCVE-0-2011-3544)

FKIE_CVE-2011-3544

CERTA-2012-AVI-395

Solution

CERTA-2011-AVI-580

Description

Solution

CERTFR-2017-AVI-228

Solution

GSD-2011-3544

CVE-2011-3544

GHSA-25JQ-3VH4-PGV4

Tags

Sightings

Nomenclature