{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-10-18T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-05T18:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "oval:org.mitre.oval:def:13947", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"}, {"name": "GLSA-201406-32", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"}, {"name": "HPSBMU02799", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"name": "48308", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48308"}, {"name": "HPSBUX02730", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"}, {"name": "SUSE-SU-2012:0114", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"}, {"name": "RHSA-2013:1455", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"}, {"name": "SSRT100710", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"}, {"name": "RHSA-2011:1384", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"}, {"name": "50218", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/50218"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"}, {"name": "SSRT100867", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"name": "oracle-jre-scripting-unspecified(70849)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"}, {"name": "1026215", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1026215"}, {"name": "USN-1263-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1263-1"}, {"name": "HPSBMU02797", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2011-3544", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "oval:org.mitre.oval:def:13947", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"}, {"name": "GLSA-201406-32", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"}, {"name": "HPSBMU02799", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"name": "48308", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48308"}, {"name": "HPSBUX02730", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"}, {"name": "SUSE-SU-2012:0114", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"}, {"name": "RHSA-2013:1455", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"}, {"name": "SSRT100710", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"}, {"name": "RHSA-2011:1384", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"}, {"name": "50218", "refsource": "BID", "url": "http://www.securityfocus.com/bid/50218"}, {"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"}, {"name": "SSRT100867", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"name": "oracle-jre-scripting-unspecified(70849)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"}, {"name": "1026215", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1026215"}, {"name": "USN-1263-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1263-1"}, {"name": "HPSBMU02797", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"name": "http://www.ibm.com/developerworks/java/jdk/alerts/", "refsource": "CONFIRM", "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:37:48.020Z"}, "title": "CVE Program Container", "references": [{"name": "oval:org.mitre.oval:def:13947", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"}, {"name": "GLSA-201406-32", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"}, {"name": "HPSBMU02799", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"name": "48308", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48308"}, {"name": "HPSBUX02730", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"}, {"name": "SUSE-SU-2012:0114", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"}, {"name": "RHSA-2013:1455", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"}, {"name": "SSRT100710", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"}, {"name": "RHSA-2011:1384", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"}, {"name": "50218", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/50218"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"}, {"name": "SSRT100867", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"name": "oracle-jre-scripting-unspecified(70849)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"}, {"name": "1026215", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1026215"}, {"name": "USN-1263-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1263-1"}, {"name": "HPSBMU02797", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2011-3544", "datePublished": "2011-10-19T21:00:00", "dateReserved": "2011-09-16T00:00:00", "dateUpdated": "2024-08-06T23:37:48.020Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"cisaActionDue": "2022-03-24", "cisaExploitAdd": "2022-03-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD1AF818-452D-46FE-BD02-05E2E94DDE30", "versionEndExcluding": "1.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*", "matchCriteriaId": "4A420DA5-1346-446B-8D23-E1E6DDBE527E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*", "matchCriteriaId": "B8CA8719-7ABE-4279-B49E-C414794A4FE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*", "matchCriteriaId": "DC92B7EC-849F-4255-9D55-43681B8DADC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*", "matchCriteriaId": "2ABC1045-7D3D-4A14-B994-7E60A4BB4C9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*", "matchCriteriaId": "1F3C1E65-929A-4468-8584-F086E6E59839", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*", "matchCriteriaId": "42C95C1D-0C2E-4733-AB1B-65650D88995D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*", "matchCriteriaId": "47A9F499-D1E3-41BD-AC18-E8D3D3231C12", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update15:*:*:*:*:*:*", "matchCriteriaId": "D45B0D7E-BA0F-4AAA-A7BA-2ADA4CC90D94", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update16:*:*:*:*:*:*", "matchCriteriaId": "D58A3E4F-2409-440A-891E-0B84D79AB480", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update17:*:*:*:*:*:*", "matchCriteriaId": "3FC2226B-CFEF-48A4-83EA-1F59F4AF7528", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update18:*:*:*:*:*:*", "matchCriteriaId": "F29DC78F-4D02-47B4-A955-32080B22356C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update19:*:*:*:*:*:*", "matchCriteriaId": "81A4204E-6F50-45FB-A343-7A30C0CD6D3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*", "matchCriteriaId": "D6E07069-D6EE-4D44-94A6-CDCA4A50E6F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update20:*:*:*:*:*:*", "matchCriteriaId": "4B151882-47C0-400E-BBAB-A949E6140C86", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update21:*:*:*:*:*:*", "matchCriteriaId": "6DB4F19E-DFC4-42F4-87B9-32FB1C496649", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*", "matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*", "matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*", "matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*", "matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*", "matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*", "matchCriteriaId": "ACABC935-5DD6-4F85-992E-70AD517EF41D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*", "matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*", "matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*", "matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*", "matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*", "matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*", "matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*", "matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7_b32:*:*:*:*:*:*", "matchCriteriaId": "270DE3F5-C51F-4E62-B532-7773BCF8CC7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9_b31:*:*:*:*:*:*", "matchCriteriaId": "5ED1BA76-BCA4-483F-B238-39FA792984BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9_b32:*:*:*:*:*:*", "matchCriteriaId": "D450D249-DD3B-435F-B006-C44A215A3DC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD9FCDEB-2854-42FF-8BF4-A50890B3F08F", "versionEndExcluding": "1.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*", "matchCriteriaId": "EB864346-1429-46B5-A91E-A1126C486421", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update1:*:*:*:*:*:*", "matchCriteriaId": "F199B346-B95E-4DCA-B750-148A36D559BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update11:*:*:*:*:*:*", "matchCriteriaId": "1714BDEF-6B0E-42BB-9510-3F9B52E170BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update12:*:*:*:*:*:*", "matchCriteriaId": "830A3A51-F17A-4C61-8F5C-6A4582A64DA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update13:*:*:*:*:*:*", "matchCriteriaId": "9DE0E496-719D-4CEF-837F-B060A898099F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update14:*:*:*:*:*:*", "matchCriteriaId": "3B02F361-0C64-4CB8-8DAD-A63F1A9CC025", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update15:*:*:*:*:*:*", "matchCriteriaId": "FD4CC3E2-7BEA-4D8C-811C-C5012327A9AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update16:*:*:*:*:*:*", "matchCriteriaId": "9F63A8AC-893D-4D75-B467-85E70B62541D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update17:*:*:*:*:*:*", "matchCriteriaId": "D7823AE6-CB18-47DE-8A4F-1F98394B7237", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update18:*:*:*:*:*:*", "matchCriteriaId": "381EFA43-DB73-48EA-A4B1-F451EF60D845", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update19:*:*:*:*:*:*", "matchCriteriaId": "77C54E00-0197-4C87-9BFF-01A099AC3006", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update2:*:*:*:*:*:*", "matchCriteriaId": "64AD6007-EB92-4D0E-A0CB-8FFDDB61AA6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update20:*:*:*:*:*:*", "matchCriteriaId": "7415177F-A2FE-47AB-8D92-194A4F6D75C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update21:*:*:*:*:*:*", "matchCriteriaId": "52FA600C-08B6-4143-9C72-DB31E489DE3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*", "matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*", "matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*", "matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*", "matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*", "matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update3:*:*:*:*:*:*", "matchCriteriaId": "2752B83A-6DD2-4829-9E4F-42CDDCBC38C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update4:*:*:*:*:*:*", "matchCriteriaId": "964CCFD6-316A-48C6-9A6B-7CFD1A1FB027", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update5:*:*:*:*:*:*", "matchCriteriaId": "DC8771D7-9531-4A1D-B2DE-FAA7A7549801", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update6:*:*:*:*:*:*", "matchCriteriaId": "6C59C275-5964-4E5D-BE80-BA4EA34BEA62", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update7:*:*:*:*:*:*", "matchCriteriaId": "47C1922B-37E8-4009-97C7-B243F6F96704", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update8:*:*:*:*:*:*", "matchCriteriaId": "68957C57-EC74-4896-B97D-E936DC6AD31C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update9:*:*:*:*:*:*", "matchCriteriaId": "6B3A8681-3EAC-4D02-811A-5FCCCC7B5635", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*", "matchCriteriaId": "DFAA351A-93CD-46A8-A480-CE2783CCD620", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10_b31:*:*:*:*:*:*", "matchCriteriaId": "61B7A9E2-14BE-40E3-AF51-1BA6FC612170", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*", "matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*", "matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*", "matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*", "matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17_b31:*:*:*:*:*:*", "matchCriteriaId": "B0228195-41B4-4145-B8A4-7B974456ABA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17_b32:*:*:*:*:*:*", "matchCriteriaId": "44F8FB6D-3602-4263-9814-CCB64B8D1926", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*", "matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21_b31:*:*:*:*:*:*", "matchCriteriaId": "2D3257E5-17DB-4E02-9A8E-DD0E4D4339DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*", "matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b33:*:*:*:*:*:*", "matchCriteriaId": "3391456D-86B0-457B-83BB-4C74DA0ED634", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b34:*:*:*:*:*:*", "matchCriteriaId": "AA88EAC0-FD2D-4B38-8944-D4B6C3BD6FE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b35:*:*:*:*:*:*", "matchCriteriaId": "C12DF03E-6E61-41DF-A283-D16AB356B6A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7_b32:*:*:*:*:*:*", "matchCriteriaId": "CD27AF64-5AA9-40F0-9308-2B4196FE7653", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "B2A12684-8CB8-49A6-8E06-1E1AE5B43E87", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*", "matchCriteriaId": "3CF5C5B9-2CB9-4CD8-B94F-A674ED909CC3", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*", "matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente de Java Runtime Environment en Oracle Java SE JDK y JRE v7 y v6 Update 27 y anteriores permite a aplicaciones remotas Java Web Start y applets Java no confiables afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con secuencias de comandos."}], "id": "CVE-2011-3544", "lastModified": "2024-11-21T01:30:41.623", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2011-10-19T21:55:01.097", "references": [{"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"}, {"source": "secalert_us@oracle.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/48308"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"}, {"source": "secalert_us@oracle.com", "tags": ["Product"], "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"}, {"source": "secalert_us@oracle.com", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"}, {"source": "secalert_us@oracle.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/50218"}, {"source": "secalert_us@oracle.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1026215"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-1263-1"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"}, {"source": "secalert_us@oracle.com", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/48308"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/50218"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1026215"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-1263-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2011:1384", "cpe": "cpe:/a:redhat:rhel_extras:4", "package": "java-1.6.0-sun-1:1.6.0.29-1jpp.1.el4", "product_name": "Extras for RHEL 4", "release_date": "2011-10-19T00:00:00Z"}, {"advisory": "RHSA-2012:0034", "cpe": "cpe:/a:redhat:rhel_extras:4", "package": "java-1.6.0-ibm-1:1.6.0.10.0-1jpp.2.el4", "product_name": "Extras for RHEL 4", "release_date": "2012-01-18T00:00:00Z"}, {"advisory": "RHSA-2011:1380", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "java-1.6.0-openjdk-1:1.6.0.0-1.23.1.9.10.el5_7", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2011-10-18T00:00:00Z"}, {"advisory": "RHSA-2011:1380", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "java-1.6.0-openjdk-1:1.6.0.0-1.40.1.9.10.el6_1", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-10-18T00:00:00Z"}, {"advisory": "RHSA-2011:1384", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.6.0-sun-1:1.6.0.29-1jpp.1.el6", "product_name": "Red Hat Enterprise Linux 6 Supplementary", "release_date": "2011-10-19T00:00:00Z"}, {"advisory": "RHSA-2012:0034", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.6.0-ibm-1:1.6.0.10.0-1jpp.2.el6", "product_name": "Red Hat Enterprise Linux 6 Supplementary", "release_date": "2012-01-18T00:00:00Z"}, {"advisory": "RHSA-2013:1455", "cpe": "cpe:/a:redhat:network_satellite:5.4::el5", "package": "java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4", "product_name": "Red Hat Network Satellite Server v 5.4", "release_date": "2013-10-23T00:00:00Z"}, {"advisory": "RHSA-2011:1384", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "java-1.6.0-sun-1:1.6.0.29-1jpp.1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2011-10-19T00:00:00Z"}, {"advisory": "RHSA-2012:0034", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "java-1.6.0-ibm-1:1.6.0.10.0-1jpp.2.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2012-01-18T00:00:00Z"}, {"advisory": "RHSA-2012:1467", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2012-11-15T00:00:00Z"}], "bugzilla": {"description": "OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)", "id": "745399", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=745399"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."], "name": "CVE-2011-3544", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "java-1.4.2-ibm", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "java-1.5.0-ibm", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "java-1.4.2-ibm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "java-1.5.0-ibm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Affected", "package_name": "java-1.7.0-ibm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "java-1.4.2-ibm-sap", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "java-1.5.0-ibm", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2011-10-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-3544\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-3544\nhttp://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "threat_severity": "Critical"}