CVE-2011-3544
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- September 16, 2011
- Published Date
- October 19, 2011
- Last Updated
- February 10, 2025
- Vendor
- n/a
- Product
- n/a
- Description
- Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.
CVSS Scores
SSVC Information
- Exploitation
- active
- Automatable
- Yes
- Technical Impact
- total
Exploit Status
- Exploited in the Wild
- Yes (added 2022-03-03 00:00:00 UTC) Source
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://marc.info/?l=bugtraq&m=134254866602253&w=2
http://secunia.com/advisories/48308
http://marc.info/?l=bugtraq&m=132750579901589&w=2
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://marc.info/?l=bugtraq&m=132750579901589&w=2
http://www.redhat.com/support/errata/RHSA-2011-1384.html
http://www.securityfocus.com/bid/50218
http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
http://marc.info/?l=bugtraq&m=134254957702612&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/70849
http://www.securitytracker.com/id?1026215
http://www.ubuntu.com/usn/USN-1263-1
http://marc.info/?l=bugtraq&m=134254957702612&w=2
http://www.ibm.com/developerworks/java/jdk/alerts/
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2022-03-03 00:00:00 UTC |
Scanner Integrations
| Scanner | URL | Date Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/java_rhino.rb | 2025-04-29 11:01:19 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
java_rhino
Type: metasploit • Created: Unknown
Metasploit module for CVE-2011-3544