Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3521

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-3521
Last Modified 04 Oct 2014 12:41:45
Published 19 Oct 2011 05:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3521

Summary

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7, 6 Update 27 and earlier, and 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deserialization.

Vulnerable Systems

Application

  • Sun Jdk 1.5.0

  • Sun Jdk 1.6.0

  • Sun Jdk 1.7.0

  • Sun Jre 1.5.0

  • Sun Jre 1.6.0

  • Sun Jre 1.7.0


References

REDHAT - RHSA-2011:1384

CONFIRM - http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html

CONFIRM - http://www.ibm.com/developerworks/java/jdk/alerts/

XF - oracle-jre-deserialization-unspecified(70850)

SECTRACK - 1026215

HP - SSRT100710

HP - HPSBUX02730

SUSE - SUSE-SU-2012:0114

SECUNIA - 48692

REDHAT - RHSA-2013:1455

UBUNTU - USN-1263-1

GENTOO - GLSA-201406-32

Related Patches

Apple 2011-11-08 Java for Mac OS X 10.6 Update 6

Apple 2011-11-08 Java for Mac OS X 10.7 Update 1 (Lion)

Sun Java JRE 1.6.0_29 for Windows (Update) (All Languages) (See Notes)

Sun Java JRE 1.7.0_01 for Windows (Update) (All Languages) (See Notes)

Novell SUSE 2012:5872 java-1_6_0-ibm security update for SLES 11 SP1 i586

Novell SUSE 2012:5872 java-1_6_0-ibm security update for SLES 11 SP1 x86_64

Novell SUSE 2012:7926 java-1_6_0-ibm security update for SLES 10 SP4 i586

Novell SUSE 2012:7926 java-1_6_0-ibm security update for SLES 10 SP4 x86_64


Last Updated: 27 May 2016 11:01:23