Detections
Analytics

Oracle Java SE Installer on Windows Arbitrary Code Execution

high Nessus Plugin ID 88755

Language:

Synopsis

The remote Windows host contains a programming platform that is affected by an arbitrary code execution vulnerability.

Description

The version of Oracle Java SE or Java for Business installed on the remote host is prior to 8 Update 73, 7 Update 97, or 6 Update 113. It is, therefore, affected by an arbitrary code execution vulnerability that may have been exploited when installing Java. If an attacker convinced a user to download a set of malicious files before Java was installed, then arbitrary code may have been executed during the installation. A system with the vulnerable versions of Java installed should be checked for malicious software or abnormal behaviors.

Solution

Discard any installers for versions of Oracle JDK / JRE prior to 8 Update 73, 7 Update 97, or 6 Update 113. Additionally, check for malicious software or abnormal behavior.

See Also

https://blogs.oracle.com/oraclesecurity/

http://www.nessus.org/u?eb8074f2

Plugin Details

Severity: High

ID: 88755

File Name: oracle_java_installer_CVE-2016-0603.nasl

Version: 1.6

Type: local

Agent: windows

Family: Windows

Published: 2/16/2016

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2016-0603

Vulnerability Information

CPE: cpe:/a:oracle:jdk, cpe:/a:oracle:jre

Required KB Items: SMB/Java/JRE/Installed, Settings/ParanoidReport, SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Patch Publication Date: 2/5/2016

Vulnerability Publication Date: 2/5/2016

Reference Information

CVE: CVE-2016-0603

BID: 83008