CVE-2011-3544

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-3544
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Mailing List
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Mailing List
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Mailing List
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Mailing List
http://marc.info/?l=bugtraq&m=134254866602253&w=2 Mailing List
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Mailing List
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Mailing List
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Mailing List
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Mailing List
http://rhn.redhat.com/errata/RHSA-2013-1455.html Third Party Advisory
http://secunia.com/advisories/48308 Broken Link
http://security.gentoo.org/glsa/glsa-201406-32.xml Third Party Advisory
http://www.ibm.com/developerworks/java/jdk/alerts/ Product
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1384.html Broken Link
http://www.securityfocus.com/bid/50218 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1026215 Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1263-1 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/70849 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947 Broken Link
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Mailing List
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Mailing List
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Mailing List
http://marc.info/?l=bugtraq&m=132750579901589&w=2 Mailing List
http://marc.info/?l=bugtraq&m=134254866602253&w=2 Mailing List
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Mailing List
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Mailing List
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Mailing List
http://marc.info/?l=bugtraq&m=134254957702612&w=2 Mailing List
http://rhn.redhat.com/errata/RHSA-2013-1455.html Third Party Advisory
http://secunia.com/advisories/48308 Broken Link
http://security.gentoo.org/glsa/glsa-201406-32.xml Third Party Advisory
http://www.ibm.com/developerworks/java/jdk/alerts/ Product
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1384.html Broken Link
http://www.securityfocus.com/bid/50218 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1026215 Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1263-1 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/70849 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947 Broken Link
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update15:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update16:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update17:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update18:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update19:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update20:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update21:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update7_b32:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update9_b31:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update9_b32:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update11:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update12:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update13:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update14:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update15:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update16:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update17:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update18:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update19:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update20:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update21:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update7:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update8:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update9:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update10_b31:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update17_b31:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update17_b32:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update21_b31:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update25_b33:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update25_b34:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update25_b35:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update7_b32:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.4:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*
History

10 Feb 2025, 20:15

Type Values Removed Values Added
CWE CWE-284
Information

Published : 2011-10-19 21:55

Updated : 2025-04-11 00:51

NVD link : CVE-2011-3544

Mitre link : CVE-2011-3544

CVE.ORG link : CVE-2011-3544

JSON object : View

Products Affected

oracle

  • jdk
  • jre

redhat

  • satellite_with_embedded_oracle

suse

  • linux_enterprise_server
  • linux_enterprise_java

canonical

  • ubuntu_linux
CWE
NVD-CWE-noinfo CWE-284

Improper Access Control