Critical severity9.8CISA KEVNVD Advisory· Published Oct 19, 2011· Updated Apr 22, 2026

CVE-2011-3544

Description

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.

Affected products

Oracle Corporation/Jdk40 versions
cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*+ 39 more
- cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*range: <1.6.0
- cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update16:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update18:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update19:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update20:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update7_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update9_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update9_b32:*:*:*:*:*:*
Oracle Corporation/Jre51 versions
cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*+ 50 more
- cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*range: <1.6.0
- cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update12:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update14:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update16:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update18:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update19:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update20:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update8:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update10_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update17_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update17_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update21_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25_b33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25_b34:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25_b35:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update7_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
Red Hat/Satellite With Embedded Oracle
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.4:*:*:*:*:*:*:*
Canonical (company)/Ubuntu Linux4 versions
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Java
cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Server
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.htmlnvdPatchVendor Advisory
lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.htmlnvdMailing ListThird Party Advisory
rhn.redhat.com/errata/RHSA-2013-1455.htmlnvdThird Party Advisory
security.gentoo.org/glsa/glsa-201406-32.xmlnvdThird Party Advisory
www.securityfocus.com/bid/50218nvdBroken LinkThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-1263-1nvdThird Party Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/70849nvdThird Party AdvisoryVDB Entry
marc.infonvdMailing List
marc.infonvdMailing List
marc.infonvdMailing List
secunia.com/advisories/48308nvdBroken Link
www.ibm.com/developerworks/java/jdk/alerts/nvdProduct
www.redhat.com/support/errata/RHSA-2011-1384.htmlnvdBroken Link
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947nvdBroken Link
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.074
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000