VAR-201110-0389 — Vulnetix

VAR-201110-0389 PUBLISHED

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to HotSpot.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a

Exploit Intelligence

Soteria-Research/cve-2015-4843-type-confusion-phrack (github-poc)
✨ HAProxy ve Keepalived konusunu load balancer ve cluster'a ek olarak güvenlik(zayıf SSL/Kripto Kullanımı (LOGJAM) (CVE-2015-4000) zafiyeti önlemi) ve yüksek yüklere karşı ele alır. (github-poc)
guhe120/CVE-2013-5842 (github-poc)
A Simple PoC for CVE-2012-4681 (github-poc)
An A/V evasion armoring experiment for CVE-2012-4681 (github-poc)
Proof of concept exploit for CVE-2012-1723 (github-poc)
Python 3 implementation of an existing CVE-2011-3556 proof of concept (PoC). (github-poc)
:muscle: Proof Of Concept of the BEAST attack against SSL/TLS CVE-2011-3389 :muscle: (github-poc)
edmondscommerce/CVE-2011-2461_Magento_Patch (github-poc)
Patched version of the uploader.swf and uploaderSingle.swf to fix CVE-2011-2461 (github-poc)

…and 26 more exploits

Timeline

Nov 4, 2009 CVE Published
Apr 30, 2017 PoC Published
Jul 2, 2021 PoC Published
Nov 4, 2021 PoC Published
Jan 24, 2023 PoC Published
Feb 13, 2025 PoC Published
Jul 30, 2025 PoC Published
Mar 28, 2026 PoC Published
Mar 30, 2026 Distribution Patch
Mar 30, 2026 Security Advisory

References

GLSA-201406-32 vendor-advisory
HPSBMU02799 vendor-advisory
50242 vdb
48308 third-party-advisory
HPSBUX02730 vendor-advisory
RHSA-2011:1384 vendor-advisory
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html url
SSRT100867 vendor-advisory
76510 vdb
1026215 vdb
USN-1263-1 vendor-advisory
oval:org.mitre.oval:def:13475 vdb
http://www.ibm.com/developerworks/java/jdk/alerts/ url
oracle-java-hotspot-info-disc(70835) vdb

Open in Interactive Console →