We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2019-2698



Description

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

Reserved 2018-12-14 | Published 2019-04-23 | Updated 2024-10-02 | Assigner oracle

Problem types

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE.

Product status

Java SE: 7u211, 8u202
affected

References

www.oracle.com/.../security-advisory/cpuapr2019-5072813.html

access.redhat.com/errata/RHBA-2019:0959 (RHBA-2019:0959) vendor-advisory

lists.debian.org/debian-lts-announce/2019/05/msg00011.html ([debian-lts-announce] 20190510 [SECURITY] [DLA 1782-1] openjdk-7 security update) mailing-list

access.redhat.com/errata/RHSA-2019:1146 (RHSA-2019:1146) vendor-advisory

usn.ubuntu.com/3975-1/ (USN-3975-1) vendor-advisory

access.redhat.com/errata/RHSA-2019:1164 (RHSA-2019:1164) vendor-advisory

access.redhat.com/errata/RHSA-2019:1163 (RHSA-2019:1163) vendor-advisory

access.redhat.com/errata/RHSA-2019:1165 (RHSA-2019:1165) vendor-advisory

access.redhat.com/errata/RHSA-2019:1166 (RHSA-2019:1166) vendor-advisory

access.redhat.com/errata/RHSA-2019:1238 (RHSA-2019:1238) vendor-advisory

lists.opensuse.org/...ecurity-announce/2019-05/msg00059.html (openSUSE-SU-2019:1439) vendor-advisory

lists.opensuse.org/...ecurity-announce/2019-05/msg00058.html (openSUSE-SU-2019:1438) vendor-advisory

www.debian.org/security/2019/dsa-4453 (DSA-4453) vendor-advisory

seclists.org/bugtraq/2019/May/75 (20190530 [SECURITY] [DSA 4453-1] openjdk-8 security update) mailing-list

lists.opensuse.org/...ecurity-announce/2019-06/msg00013.html (openSUSE-SU-2019:1500) vendor-advisory

access.redhat.com/errata/RHSA-2019:1325 (RHSA-2019:1325) vendor-advisory

security.gentoo.org/glsa/201908-10 (GLSA-201908-10) vendor-advisory

support.hpe.com/...cale=en_US&docId=emr_na-hpesbst03959en_us

cve.org (CVE-2019-2698)

nvd.nist.gov (CVE-2019-2698)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2019-2698

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.

© Copyright 2024 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.