We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2018-2603



Description

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Reserved 2017-12-15 | Published 2018-01-18 | Updated 2024-10-03 | Assigner oracle

Problem types

Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit.

Product status

Java SE: 6u171
affected

7u161
affected

8u152
affected

9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16
affected

References

www.securityfocus.com/bid/102625 (102625) vdb-entry

access.redhat.com/errata/RHSA-2018:0351 (RHSA-2018:0351) vendor-advisory

www.oracle.com/.../security-advisory/cpujan2018-3236628.html

security.netapp.com/advisory/ntap-20180117-0001/

usn.ubuntu.com/3614-1/ (USN-3614-1) vendor-advisory

www.debian.org/security/2018/dsa-4166 (DSA-4166) vendor-advisory

access.redhat.com/errata/RHSA-2018:0095 (RHSA-2018:0095) vendor-advisory

www.debian.org/security/2018/dsa-4144 (DSA-4144) vendor-advisory

access.redhat.com/errata/RHSA-2018:0521 (RHSA-2018:0521) vendor-advisory

access.redhat.com/errata/RHSA-2018:0352 (RHSA-2018:0352) vendor-advisory

access.redhat.com/errata/RHSA-2018:0115 (RHSA-2018:0115) vendor-advisory

help.ecostruxureit.com/...xureWare+Data+Center+Expert+v7.6.0

lists.debian.org/debian-lts-announce/2018/04/msg00003.html ([debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update) mailing-list

access.redhat.com/errata/RHSA-2018:1812 (RHSA-2018:1812) vendor-advisory

support.hpe.com/...cale=en_US&docId=emr_na-hpesbst03911en_us

access.redhat.com/errata/RHSA-2018:0099 (RHSA-2018:0099) vendor-advisory

access.redhat.com/errata/RHSA-2018:1463 (RHSA-2018:1463) vendor-advisory

access.redhat.com/errata/RHSA-2018:0458 (RHSA-2018:0458) vendor-advisory

access.redhat.com/errata/RHSA-2018:0349 (RHSA-2018:0349) vendor-advisory

www.securitytracker.com/id/1040203 (1040203) vdb-entry

usn.ubuntu.com/3613-1/ (USN-3613-1) vendor-advisory

access.redhat.com/errata/RHSA-2018:0100 (RHSA-2018:0100) vendor-advisory

cve.org (CVE-2018-2603)

nvd.nist.gov (CVE-2018-2603)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2018-2603

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.

© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.