Description
Vulnerability in the Java SE, JRockit component of Oracle Java SE
(subcomponent: Serialization). Supported versions that are affected are
Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
multiple protocols to compromise Java SE, JRockit. Successful attacks of
this vulnerability can result in unauthorized ability to cause a partial
denial of service (partial DOS) of Java SE, JRockit. Note: This
vulnerability can only be exploited by supplying data to APIs in the
specified Component without using Untrusted Java Web Start applications or
Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score
5.3 (Availability impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Package
| Upstream: | not-affected
(Oracle only)
|
| Ubuntu 14.04 ESM: | DNE
(trusty was not-affected [Oracle only])
|
Patches:
Package
| Upstream: | not-affected
(Oracle only)
|
| Ubuntu 14.04 ESM: | DNE
(trusty was not-affected [Oracle only])
|
Patches:
Package
| Upstream: | not-affected
(Oracle only)
|
| Ubuntu 16.04 ESM: | not-affected
(Oracle only)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | not-affected
(Oracle only)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Updated: 2022-04-13 13:32:14 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)