CVE-2011-3556

Oracle Java SE - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotemultiple
https://www.exploit-db.com/exploits/17535
nomisec WORKING POC 1 stars
by sk4la · poc
https://github.com/sk4la/cve_2011_3556
metasploit SCANNER
by mihi, hdm · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/misc/java_rmi_server.rb
metasploit WORKING POC EXCELLENT
by mihi · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/java_rmi_server.rb

References (24)

... and 4 more

Scores

EPSS 0.8707
EPSS Percentile 99.4%

Details

Status published
Products (10)
oracle/jrockit r28.0.0
oracle/jrockit r28.0.1
oracle/jrockit r28.0.2
oracle/jrockit r28.1.0
oracle/jrockit r28.1.1
oracle/jrockit r28.1.3
oracle/jrockit < r28.1.4
sun/jdk 1.7.0
sun/jdk 1.6.0 (25 CPE variants)
sun/jdk 1.5.0 (17 CPE variants)
Published Oct 19, 2011
Tracked Since Feb 18, 2026