VDB
RHSA-2017%3A0177
RHSA-2017%3A0177
PUBLISHED
CVSS 7.5 HIGH
An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 5, Oracle Java for Red Hat Enterprise Linux 6, and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Risk Scores
CVSS 3.1
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle Java for Red Hat Enterprise Linux Server 5 | ||
| Oracle Java for Red Hat Enterprise Linux Client 5 | ||
| Oracle Java for Red Hat Enterprise Linux Workstation (v. 7) | ||
| Oracle Java for Red Hat Enterprise Linux Desktop 6 | ||
| Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7) | ||
| Oracle Java for Red Hat Enterprise Linux HPC Node 6 | ||
| java | ||
| Oracle Java for Red Hat Enterprise Linux Workstation 6 | ||
| Oracle Java for Red Hat Enterprise Linux Server (v. 7) | ||
| Oracle Java for Red Hat Enterprise Linux Server 6 | ||
| Oracle Java for Red Hat Enterprise Linux Client (v. 7) |
Exploit Intelligence
- POC for java RMI deserialization vulnerability (github-poc-repo)
- POC for java RMI deserialization vulnerability (github-poc-repo)
- POC for java RMI deserialization vulnerability (github-poc-repo)
- scopion/CVE-2017-3241 (github-poc-repo)
- scopion/CVE-2017-3241 (github-poc-repo)
- scopion/CVE-2017-3241 (github-poc-repo)
- scopion/CVE-2017-3241 (github-poc)
- POC for java RMI deserialization vulnerability (github-poc)
- https://bugzilla.redhat.com/show_bug.cgi?id=1413583 (circl)
- https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0177.json (circl)
…and 14 more exploits
Timeline
- Jan 19, 2017 CVE Published
- Apr 6, 2026 Distribution Patch
- Apr 6, 2026 Distribution Patch
- Apr 6, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2017:0177 advisory
- https://access.redhat.com/security/updates/classification/#critical url
- http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA url
- http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html#R160_141 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1369383 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1413554 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1413583 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1413653 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1413717 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1413882 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1413906 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1413911 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1413920 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1413955 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1414163 url
- https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0177.json advisory