PT-2017-11122 · Oracle+2 · Java Se+3

Published

2017-08-08

Updated

2024-06-15

CVE-2017-10125

CVSS v3.1

7.1

High

Vector

AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Java SE versions 7u141 and 8u131

Description The issue allows physical access to compromise Java SE, and successful attacks can result in the takeover of Java SE. It is difficult to exploit and may significantly impact additional products. The vulnerability applies to deployments of Java where the Java Auto Update is enabled.

Recommendations For Java SE version 7u141, update to a version that is not affected by this issue. For Java SE version 8u131, update to a version that is not affected by this issue. As a temporary workaround, consider disabling the Java Auto Update feature until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2017-10125

OPENSUSE-SU-2018_0042-1

OPENSUSE-SU-2024:10876-1

SUSE-SU-2017:2175-1

SUSE-SU-2017:2263-1

SUSE-SU-2017:2280-1

SUSE-SU-2017:2281-1

SUSE-SU-2018:0005-1

Affected Products

Ibm Aix

Java Platform

Java Se

Suse

PT-2017-11122 · Oracle+2 · Java Se+3

CVE-2017-10125

Related Identifiers

Affected Products

References · 240