Vulnerability Details : CVE-2011-0786
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0788.
Products affected by CVE-2011-0786
- cpe:2.3:a:sun:jdk:*:update_25:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_22:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_23:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_24:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:*:update_25:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_22:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_23:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_24:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-0786
1.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-0786
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.6
|
HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C |
4.9
|
10.0
|
NIST |
References for CVE-2011-0786
-
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html
[security-announce] SUSE Security Announcement: IBM Java 5 (SUSE-SA:2011
-
http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html
[security-announce] openSUSE-SU-2011:0633-1: critical: Oracle Java 26
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14382
Repository / Oval Repository
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14604
Repository / Oval Repository
-
http://marc.info/?l=bugtraq&m=134254957702612&w=2
'[security bulletin] HPSBMU02797 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.1x Running JD' - MARC
-
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00025.html
[security-announce] SUSE-SU-2011:0966-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html
[security-announce] SUSE-SU-2011:0807-1: important: Security update for
-
http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html
Oracle Java Critical Patch Update - June 2011Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/48133
Oracle Java SE and Java for Business CVE-2011-0786 Remote Java Runtime Environment Vulnerability
-
http://marc.info/?l=bugtraq&m=132439520301822&w=2
'[security bulletin] HPSBUX02697 SSRT100591 rev.1 - HP-UX Running Java, Remote Unauthorized Access, D' - MARC
-
http://www.ibm.com/developerworks/java/jdk/alerts/
Security Vulnerabilities - Java SDK
-
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html
[security-announce] SUSE Security Announcement: IBM Java 6 security upda
-
http://marc.info/?l=bugtraq&m=134254866602253&w=2
'[security bulletin] HPSBMU02799 SSRT100867 rev.1 - HP Network Node Manager i (NNMi) v9.0x Running JD' - MARC
-
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html
[security-announce] SUSE-SU-2011:0863-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html
[security-announce] SUSE Security Announcement: IBM Java 1.4.2 (SUSE-SA:
Jump to