Record truncated, showing 500 of 1309 characters. Please address comments about this page to Vendor Advisoryīroken Link Third Party Advisory VDB Entry Further, NIST does notĮndorse any commercial products that may be mentioned on Not necessarily endorse the views expressed, or concur with Sites that are more appropriate for your purpose. Inferences should be drawn on account of other sites being May have information that would be of interest to you. We have provided these links to other web sites because they References to Advisories, Solutions, and Toolsīy selecting these links, you will be leaving NIST webspace.
CVSS 3.0 Base Score 5.9 (Integrity impacts). This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator).
Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1 Java SE Embedded: 8u171. Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE).
0 kommentar(er)
