Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability
Gravité: : Critique
Identifiant(s) CVE: : CVE-2011-3544
Date du conseil: 21 juillet 2015
Description
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1004870
Trend Micro Deep Security DPI Rule Name: 1004870 - Identified Suspicious Jar File
Affected software and version:
- sun jdk 1.6.0
- sun jdk 1.7.0
- sun jre 1.6.0
- sun jre 1.7.0