漏洞类别:Local
漏洞等级: 
漏洞信息
Java Runtime Environment (JRE) is a platform that supports the execution of programs that are developed using the Java programming language. The JRE platform also supports Java Applets, which can be loaded from Web pages.
JRE and JDK are exposed to multiple vulnerabilities that affect various components. Oracle's Java Critical Patch Update for April 2016 contains 7 new security fixes across multiple Java SE products and sub-products.
Affected Versions:
Oracle Java JDK and JRE, versions 6u121 and earlier, 7u111 and earlier, 8u102 and earlier.
漏洞危害
Exploitation could allow an attacker to take complete control of an affected system.
解决方案
The vendor released updates (Java SE JDK and JRE 8 Update 111 or later, Java SE JDK and JRE 7 Update 121, Java SE JDK and JRE 6 Update 131) to resolve these issues.
Refer to vendor advisory Oracle Java SE CPU October 2016 and Oracle Doc ID 2190513.1 to obtain more details.
Updates for Java 5, Java 6 and Java 7 are no longer available to the public. Oracle offers updates to Java 5 and Java 6 only for customers who have purchased Java support or have Oracle products that require Java 5, Java 6 and Java 7.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论