[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2019-2962Date: (C)2019-10-28   (M)2024-03-22


Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 3.7CVSS Score : 4.3
Exploit Score: 2.2Exploit Score: 8.6
Impact Score: 1.4Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: HIGHAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: NONEAvailability: PARTIAL
Integrity: NONE 
Availability: LOW 
  
Reference:
https://seclists.org/bugtraq/2019/Oct/31
https://seclists.org/bugtraq/2019/Oct/27
DSA-4546
DSA-4548
RHSA-2019:3134
RHSA-2019:3135
RHSA-2019:3136
RHSA-2019:3157
RHSA-2019:3158
RHSA-2019:4109
RHSA-2019:4110
RHSA-2019:4113
RHSA-2019:4115
RHSA-2020:0006
RHSA-2020:0046
USN-4223-1
https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://security.netapp.com/advisory/ntap-20191017-0001/
openSUSE-SU-2019:2557
openSUSE-SU-2019:2565
openSUSE-SU-2019:2687

OVAL    53
oval:org.secpod.oval:def:61461
oval:org.secpod.oval:def:89003383
oval:org.secpod.oval:def:505928
oval:org.secpod.oval:def:89000268
...

© SecPod Technologies