Exploitation of this vulnerability requires that a user is logged in with administrative privileges.

1.2 Vulnerabilities in the Java SE component

The following vulnerabilities were found in the Oracle Java SE component:

CVE-2018-3999: A use-after-free vulnerability exists in the way that the Hotspot component handles objects in privileged code. An attacker can exploit this vulnerability by running untrusted Java code in privileged code.

CVE-2018-4003: A security bypass vulnerability exists in the Networking component due to incorrect handling of SSL/TLS connections. An attacker can exploit this vulnerability by sending malicious packets to an application via an SSL/TLS connection, resulting in a connection being established without validation of the received data.

CVE-2018-4005: A denial of service vulnerability exists in the way that the SSL/TLS protocol handles INT/UINT types within a signed/unsigned size field in a DTLS handshake. An attacker can exploit this vulnerability by sending a crafted DTLS handshake to an application via an SSL/TLS connection, resulting in an application crash.

CVE-2018-4006: A buffer overflow vulnerability exists in the Skia component when parsing glyphs in some SVG files. An attacker can exploit this vulnerability by sending a crafted SVG file via an SSL/TLS connection, resulting in a connection being established without validation of the received data.

Vulnerabilities in the Java SE Embedded component

The following vulnerabilities were found in the Oracle Java SE Embedded component:

CVE-2016-5199: A stack overflow vulnerability exists in the way that the JAXP component handles XML Signature Transformations. An attacker can exploit this vulnerability by creating a crafted XML document and sending it to an application via an SSL/TLS connection, resulting in a connection being established without validation of the received data.

1.3 Vulnerabilities in the Java Runtime Environment component

The following vulnerabilities were found in the Oracle Java Runtime Environment component:

CVE-2018-3148: A security bypass vulnerability exists when ASN.1 DER encoding rules are not correctly enforced by the Bouncy Castle cryptographic library. An attacker can exploit this vulnerability by being physically proximate to a computer with a Bouncy Castle cryptographic library installed to execute untrusted code, resulting in a denial of service condition.

Timeline

Published on: 10/18/2022 21:15:00 UTC
Last modified on: 10/18/2022 21:18:00 UTC

References