Oracle Java SE CVE-2018-2973 Remote Security Vulnerability
BID:104773
CVE-2018-2973 |Info
Oracle Java SE CVE-2018-2973 Remote Security Vulnerability
| Bugtraq ID: | 104773 |
| Class: | Unknown |
| CVE: |
CVE-2018-2973 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 17 2018 12:00AM |
| Updated: | Mar 18 2019 07:00AM |
| Credit: | Oracle |
| Vulnerable: |
Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 6 Oracle JRE(Windows Production Release) 1.8 Update 172 Oracle JRE(Windows Production Release) 1.8 Update 171 Oracle JRE(Windows Production Release) 1.7 Update 181 Oracle JRE(Windows Production Release) 1.6 Update 191 Oracle JRE(Windows Production Release) 10.0.1 Oracle JRE(Solaris Production Release) 1.8 Update 172 Oracle JRE(Solaris Production Release) 1.8 Update 171 Oracle JRE(Solaris Production Release) 1.7 Update 181 Oracle JRE(Solaris Production Release) 1.6 Update 191 Oracle JRE(Solaris Production Release) 10.0.1 Oracle JRE(Linux Production Release) 1.8 Update 172 Oracle JRE(Linux Production Release) 1.8 Update 171 Oracle JRE(Linux Production Release) 1.7 Update 181 Oracle JRE(Linux Production Release) 1.6 Update 191 Oracle JRE(Linux Production Release) 10.0.1 Oracle JDK(Windows Production Release) 1.8 Update 172 Oracle JDK(Windows Production Release) 1.8 Update 171 Oracle JDK(Windows Production Release) 1.7 Update 181 Oracle JDK(Windows Production Release) 1.6 Update 191 Oracle JDK(Windows Production Release) 10.0.1 Oracle JDK(Solaris Production Release) 1.8 Update 172 Oracle JDK(Solaris Production Release) 1.8 Update 171 Oracle JDK(Solaris Production Release) 1.7 Update 181 Oracle JDK(Solaris Production Release) 1.6 Update 191 Oracle JDK(Solaris Production Release) 10.0.1 Oracle JDK(Linux Production Release) 1.8 Update 172 Oracle JDK(Linux Production Release) 1.8 Update 171 Oracle JDK(Linux Production Release) 1.7 Update 181 Oracle JDK(Linux Production Release) 1.6 Update 191 Oracle JDK(Linux Production Release) 10.0.1 IBM Java SDK 8 SR 5 FP 7 IBM Java SDK 8 SR 5 FP 15 IBM Java SDK 8 SR 5 FP 10 IBM Java SDK 8 SR 4 FP 5 IBM Java SDK 7R1 SR 4 FP 5 IBM Java SDK 7R1 SR 4 FP 25 IBM Java SDK 7R1 SR 4 FP 20 IBM Java SDK 7R1 SR 4 FP 15 IBM Java SDK 7R1 SR 4 FP 1 IBM Java SDK 7 SR 10 FP 25 IBM Java SDK 7 SR 10 FP 20 IBM Java SDK 7 SR 10 FP 15 IBM Java SDK 7 SR 10 FP 1 IBM Java SDK 6R1 SR 8 FP 7 IBM Java SDK 6R1 SR 8 FP 65 IBM Java SDK 6R1 SR 8 FP 60 IBM Java SDK 6R1 SR 8 FP 55 IBM Java SDK 6R1 SR 8 FP 5 IBM Java SDK 6R1 SR 8 FP 45 IBM Java SDK 6R1 SR 8 FP 41 IBM Java SDK 6R1 SR 8 FP 30 IBM Java SDK 6R1 SR 8 FP 26 IBM Java SDK 6R1 SR 8 FP 25 IBM Java SDK 6R1 SR 8 FP 21 IBM Java SDK 6R1 SR 8 FP 15 IBM Java SDK 6 SR 16 FP 7 IBM Java SDK 6 SR 16 FP 65 IBM Java SDK 6 SR 16 FP 60 IBM Java SDK 6 SR 16 FP 55 IBM Java SDK 6 SR 16 FP 5 IBM Java SDK 6 SR 16 FP 45 IBM Java SDK 6 SR 16 FP 41 IBM Java SDK 6 SR 16 FP 30 IBM Java SDK 6 SR 16 FP 26 IBM Java SDK 6 SR 16 FP 25 IBM Java SDK 6 SR 16 FP 22 IBM Java SDK 6 SR 16 FP 15 |
| Not Vulnerable: |
IBM Java SDK 8 SR 5 FP 20 IBM Java SDK 7R1 SR 4 FP 30 IBM Java SDK 7 SR 10 FP 30 IBM Java SDK 6R1 SR 8 FP 70 IBM Java SDK 6 SR 16 FP 70 |
Discussion
Oracle Java SE CVE-2018-2973 Remote Security Vulnerability
Oracle Java SE is prone to a remote security vulnerability.
The vulnerability can be exploited over the 'SSL/TLS' protocol. This issue affects the 'JSSE' component.
This vulnerability affects the following supported versions:
Java SE: 6u191, 7u181, 8u172, 10.0.1; Java SE Embedded: 8u171
Oracle Java SE is prone to a remote security vulnerability.
The vulnerability can be exploited over the 'SSL/TLS' protocol. This issue affects the 'JSSE' component.
This vulnerability affects the following supported versions:
Java SE: 6u191, 7u181, 8u172, 10.0.1; Java SE Embedded: 8u171
Exploit / POC
Oracle Java SE CVE-2018-2973 Remote Security Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Oracle Java SE CVE-2018-2973 Remote Security Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Oracle Java SE CVE-2018-2973 Remote Security Vulnerability
References:
References:
- Bug 1602145 - (CVE-2018-2973) CVE-2018-2973 Oracle JDK: unspecified vulnerabilit (Red Hat Bugzilla)
- CVE-2018-2973 (Red Hat Bugzilla)
- Oracle Homepage (Oracle)
- Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Db2. (IBM)
- Oracle Critical Patch Update Advisory - July 2018 (Oracle)