Oracle Java SE and JRockit CVE-2018-2794 Local Security Vulnerability
BID:103817
CVE-2018-2794 |Info
Oracle Java SE and JRockit CVE-2018-2794 Local Security Vulnerability
| Bugtraq ID: | 103817 |
| Class: | Unknown |
| CVE: |
CVE-2018-2794 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 17 2018 12:00AM |
| Updated: | Oct 15 2018 09:00AM |
| Credit: | Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi of Ca' Foscari University of Venice |
| Vulnerable: |
Oracle JRockit R28.3.17 Oracle JRE(Windows Production Release) 1.8 Update 162 Oracle JRE(Windows Production Release) 1.7 Update 171 Oracle JRE(Windows Production Release) 1.6 Update 181 Oracle JRE(Windows Production Release) 10.0.1 Oracle JRE(Solaris Production Release) 1.8 Update 162 Oracle JRE(Solaris Production Release) 1.7 Update 171 Oracle JRE(Solaris Production Release) 1.6 Update 181 Oracle JRE(Solaris Production Release) 10.0.1 Oracle JRE(Linux Production Release) 1.8 Update 162 Oracle JRE(Linux Production Release) 1.7 Update 171 Oracle JRE(Linux Production Release) 1.6 Update 181 Oracle JRE(Linux Production Release) 10.0.1 Oracle JDK(Windows Production Release) 1.8 Update 162 Oracle JDK(Windows Production Release) 1.7 Update 171 Oracle JDK(Windows Production Release) 1.6 Update 181 Oracle JDK(Windows Production Release) 10.0.1 Oracle JDK(Solaris Production Release) 1.8 Update 162 Oracle JDK(Solaris Production Release) 1.7 Update 171 Oracle JDK(Solaris Production Release) 1.6 Update 181 Oracle JDK(Solaris Production Release) 10.0.1 Oracle JDK(Linux Production Release) 1.8 Update 162 Oracle JDK(Linux Production Release) 1.7 Update 171 Oracle JDK(Linux Production Release) 1.6 Update 181 Oracle JDK(Linux Production Release) 10.0.1 IBM DB2 9.8 IBM DB2 9.7 IBM DB2 11.1 IBM DB2 10.5 IBM DB2 10.1 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 |
| Not Vulnerable: | |
Discussion
Oracle Java SE and JRockit CVE-2018-2794 Local Security Vulnerability
Oracle Java SE and JRockit are prone to a local security vulnerability.
This issue affects the 'Security' component.
This vulnerability affects the following supported versions:
Java SE: 6u181, 7u171, 8u162, 10, JRockit: R28.3.17
Oracle Java SE and JRockit are prone to a local security vulnerability.
This issue affects the 'Security' component.
This vulnerability affects the following supported versions:
Java SE: 6u181, 7u171, 8u162, 10, JRockit: R28.3.17
Exploit / POC
Oracle Java SE and JRockit CVE-2018-2794 Local Security Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Oracle Java SE and JRockit CVE-2018-2794 Local Security Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Oracle Java SE and JRockit CVE-2018-2794 Local Security Vulnerability
References:
References: