CVE-2011-3548 in openjdk-jre

Do your applications use this vulnerable package? Test your applications

Overview

openjdk-jre is a free and open-source implementation of the Java Platform, Standard Edition (Java SE).

Affected versions of this package are vulnerable to CVE-2011-3548. It allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT.

Remediation

Upgrade openjdk-jre to version 7.0.1 or higher.

References

CONFIRM
Gentoo Security Advisory
HP Security Bulletin
OpenSuse Security Announcement
Oracle Security Bulletin
Osvdb Security Advisory
Oval Security
RedHat Security Advisory
Secunia Advisory
Security Focus
Security Tracker
Ubuntu Security Advisory
X-force Vulnerability Report

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

None
Scope

Unchanged
Confidentiality

High
Integrity

High
Availability

High

Credit: Unknown
CVE: CVE-2011-3548
Snyk ID: SNYK-UPSTREAM-OPENJDKJRE-72905
Disclosed: 19 Oct, 2011
Published: 31 Jan, 2019

CVE-2011-3548
Affecting openjdk-jre package, versions [,1.7.0_1)

Overview

Remediation

References

CVSS Score

CVE-2011-3548 Affecting openjdk-jre package, versions [,1.7.0_1)

Overview

Remediation

References

CVE-2011-3548
Affecting openjdk-jre package, versions [,1.7.0_1)