CVE-2019-2602 in Java SEinfo

Summary

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

12/14/2018

Moderation

VulDB entry created

Entries

1: VDB-133648

CPE

ready

CWE

CWE-284 (Confirmed)

CVSS

7.5

EPSS

0.00233

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-2602
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-2602
CVE Details	https://www.cvedetails.com/cve/CVE-2019-2602/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!