We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2019-2602



Description

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Reserved 2018-12-14 | Published 2019-04-23 | Updated 2024-10-02 | Assigner oracle

Problem types

Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded.

Product status

Java SE: 7u211, 8u202, 11.0.2, 12
affected

Java SE Embedded: 8u201
affected

References

www.oracle.com/.../security-advisory/cpuapr2019-5072813.html

lists.opensuse.org/...ecurity-announce/2019-05/msg00007.html (openSUSE-SU-2019:1327) vendor-advisory

access.redhat.com/errata/RHBA-2019:0959 (RHBA-2019:0959) vendor-advisory

lists.debian.org/debian-lts-announce/2019/05/msg00011.html ([debian-lts-announce] 20190510 [SECURITY] [DLA 1782-1] openjdk-7 security update) mailing-list

access.redhat.com/errata/RHSA-2019:1146 (RHSA-2019:1146) vendor-advisory

usn.ubuntu.com/3975-1/ (USN-3975-1) vendor-advisory

access.redhat.com/errata/RHSA-2019:1164 (RHSA-2019:1164) vendor-advisory

access.redhat.com/errata/RHSA-2019:1163 (RHSA-2019:1163) vendor-advisory

access.redhat.com/errata/RHSA-2019:1165 (RHSA-2019:1165) vendor-advisory

access.redhat.com/errata/RHSA-2019:1166 (RHSA-2019:1166) vendor-advisory

access.redhat.com/errata/RHSA-2019:1238 (RHSA-2019:1238) vendor-advisory

lists.opensuse.org/...ecurity-announce/2019-05/msg00059.html (openSUSE-SU-2019:1439) vendor-advisory

lists.opensuse.org/...ecurity-announce/2019-05/msg00058.html (openSUSE-SU-2019:1438) vendor-advisory

www.debian.org/security/2019/dsa-4453 (DSA-4453) vendor-advisory

seclists.org/bugtraq/2019/May/75 (20190530 [SECURITY] [DSA 4453-1] openjdk-8 security update) mailing-list

lists.opensuse.org/...ecurity-announce/2019-06/msg00013.html (openSUSE-SU-2019:1500) vendor-advisory

access.redhat.com/errata/RHSA-2019:1325 (RHSA-2019:1325) vendor-advisory

access.redhat.com/errata/RHSA-2019:1518 (RHSA-2019:1518) vendor-advisory

kc.mcafee.com/corporate/index?page=content&id=SB10285

security.gentoo.org/glsa/201908-10 (GLSA-201908-10) vendor-advisory

support.hpe.com/...cale=en_US&docId=emr_na-hpesbst03959en_us

cve.org (CVE-2019-2602)

nvd.nist.gov (CVE-2019-2602)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2019-2602

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.