CVE-2017-3241

CRITICAL

Oracle Java SE 6u131, 7u121, 8u112; Java SE Embedded 8u111; JRockit R28.3.12 - Remote Code Execution via RMI

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2017-3241. PoCs published by ERPScan, xfei3, scopion.

AI-analyzed exploit summary This exploit generates a malicious serialized Java object that triggers a StackOverflowError during deserialization, causing a Denial of Service (DoS) in OpenJDK Runtime Environment 1.8. The PoC crafts a sequence of bytes that exploits a flaw in ObjectInputStream.skipCustomData().

Description

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts).

Exploits (3)

exploitdb WORKING POC VERIFIED
by ERPScan · pythondosmultiple
https://www.exploit-db.com/exploits/41145

This exploit generates a malicious serialized Java object that triggers a StackOverflowError during deserialization, causing a Denial of Service (DoS) in OpenJDK Runtime Environment 1.8. The PoC crafts a sequence of bytes that exploits a flaw in ObjectInputStream.skipCustomData().

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: OpenJDK Runtime Environment 1.8.0_112-b15
No auth needed
Prerequisites: Python 2.x · Target application using vulnerable OpenJDK version
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WRITEUP 2 stars
by xfei3 · poc
https://github.com/xfei3/CVE-2017-3241-POC

This repository provides a conceptual proof-of-concept for CVE-2017-3241, a Java RMI deserialization vulnerability. It explains the vulnerability's root cause and references external resources for exploitation techniques but does not include executable exploit code.

Classification
Writeup 90%
Attack Type
Deserialization
Complexity
Moderate
Reliability
Theoretical
Target: Java RMI (JDK 8 and earlier)
No auth needed
Prerequisites: Target must be running a vulnerable Java RMI service · Attacker must be able to send crafted serialized objects to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (19)

Core 19
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0338.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2017/dsa-3782
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0176.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201701-65
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0180.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037637
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201707-01
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0175.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0177.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0263.html
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1216
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20170119-0001/
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0269.html
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41145/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95488
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0337.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0336.html

Scores

CVSS v3 9.0
EPSS 0.7287
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-20
Status published
Products (12)
Oracle/Java SE 6u131
Oracle/Java SE 7u121
Oracle/Java SE 8u112
Oracle/Java SE Embedded 8u111
oracle/jdk 1.6 update_131
oracle/jdk 1.7 update_121
oracle/jdk 1.8 update_111 (2 CPE variants)
oracle/jre 1.6 update_131
oracle/jre 1.7 update_121
oracle/jre 1.8 update_111 (2 CPE variants)
... and 2 more
Published Jan 27, 2017
Tracked Since Feb 18, 2026