#VU7333 Denial of service in JRockit and Oracle Java SE - CVE-2017-3253
Published: July 5, 2017 / Updated: November 22, 2018
Vulnerability identifier: #VU7333
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-3253
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
JRockit
Oracle Java SE
JRockit
Oracle Java SE
Software vendor:
Oracle
Oracle
Description
The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.
The weakness exists due to unknown error in Oracle Java SE Java SE Embedded and Jrockit related to the 2D component. A remote attacker can cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
The weakness exists due to unknown error in Oracle Java SE Java SE Embedded and Jrockit related to the 2D component. A remote attacker can cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Remediation
Install update from vendor's website.