English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2018-3149
Description:Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g. through a web service which supplies data to the APIs. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
Test IDs: 1.3.6.1.4.1.25623.1.1.4.2018.3920.1   1.3.6.1.4.1.25623.1.1.4.2018.4064.1   1.3.6.1.4.1.25623.1.1.4.2018.3933.1   1.3.6.1.4.1.25623.1.1.4.2018.3921.1   1.3.6.1.4.1.25623.1.1.4.2018.3868.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2018-3149
BugTraq ID: 105608
http://www.securityfocus.com/bid/105608
Debian Security Information: DSA-4326 (Google Search)
https://www.debian.org/security/2018/dsa-4326
https://security.gentoo.org/glsa/201908-10
https://lists.debian.org/debian-lts-announce/2018/11/msg00026.html
RedHat Security Advisories: RHSA-2018:2942
https://access.redhat.com/errata/RHSA-2018:2942
RedHat Security Advisories: RHSA-2018:2943
https://access.redhat.com/errata/RHSA-2018:2943
RedHat Security Advisories: RHSA-2018:3000
https://access.redhat.com/errata/RHSA-2018:3000
RedHat Security Advisories: RHSA-2018:3001
https://access.redhat.com/errata/RHSA-2018:3001
RedHat Security Advisories: RHSA-2018:3002
https://access.redhat.com/errata/RHSA-2018:3002
RedHat Security Advisories: RHSA-2018:3003
https://access.redhat.com/errata/RHSA-2018:3003
RedHat Security Advisories: RHSA-2018:3007
https://access.redhat.com/errata/RHSA-2018:3007
RedHat Security Advisories: RHSA-2018:3008
https://access.redhat.com/errata/RHSA-2018:3008
RedHat Security Advisories: RHSA-2018:3350
https://access.redhat.com/errata/RHSA-2018:3350
RedHat Security Advisories: RHSA-2018:3409
https://access.redhat.com/errata/RHSA-2018:3409
RedHat Security Advisories: RHSA-2018:3521
https://access.redhat.com/errata/RHSA-2018:3521
RedHat Security Advisories: RHSA-2018:3533
https://access.redhat.com/errata/RHSA-2018:3533
RedHat Security Advisories: RHSA-2018:3534
https://access.redhat.com/errata/RHSA-2018:3534
RedHat Security Advisories: RHSA-2018:3671
https://access.redhat.com/errata/RHSA-2018:3671
RedHat Security Advisories: RHSA-2018:3672
https://access.redhat.com/errata/RHSA-2018:3672
RedHat Security Advisories: RHSA-2018:3779
https://access.redhat.com/errata/RHSA-2018:3779
RedHat Security Advisories: RHSA-2018:3852
https://access.redhat.com/errata/RHSA-2018:3852
http://www.securitytracker.com/id/1041889
https://usn.ubuntu.com/3804-1/
https://usn.ubuntu.com/3824-1/



© 1998-2025 E-Soft Inc. All rights reserved.