CVE-2017-3252

EPSS 0.38% · P60 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-3252

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.8 (Integrity impacts).

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Oracle Java SE,Java SE Embedded和Jrockit 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Oracle Java SE等都是美国甲骨文（Oracle）公司的产品。Oracle Java SE是一款用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。Oracle Java SE Embedded是一款针对嵌入式系统的、可移植的应用程序的Java平台。Oracle Jrockit是一款内置于Oracle融合中间件中的Java虚拟机。 Oracle Java SE中的Java SE、Java SE Embedded和JRockit组件中的JAAS子组件存在安全漏洞。攻击者可利用该漏

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Java JavaSE:6u131;7u121;8u112;JavaSEEmbedded:8u111;JRockit:R28.3.12	Java JavaSE:6u131;7u121;8u112;JavaSEEmbedded:8u111;JRockit:R28.3.12	-

II. Public POCs for CVE-2017-3252

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-3252

Please Login to view more intelligence information

🔗 https://security.netapp.com/advisory/ntap-20170119-0001/x_refsource_CONFIRM
🔗 http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.htmlx_refsource_CONFIRM
🔗 http://www.securityfocus.com/bid/95509vdb-entryx_refsource_BID
🔗 http://www.securitytracker.com/id/1037637vdb-entryx_refsource_SECTRACK
🔗 http://www.debian.org/security/2017/dsa-3782vendor-advisoryx_refsource_DEBIAN
🔗 http://rhn.redhat.com/errata/RHSA-2017-0269.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2017-0176.htmlvendor-advisoryx_refsource_REDHAT
🔗 https://security.gentoo.org/glsa/201707-01vendor-advisoryx_refsource_GENTOO
🔗 https://security.gentoo.org/glsa/201701-65vendor-advisoryx_refsource_GENTOO
http://rhn.redhat.com/errata/RHSA-2017-0177.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2017-0336.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2017-0337.htmlvendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:1216vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2017-0263.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2017-0338.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2017-0180.htmlvendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2017-3252

Same Patch Batch · n/a · 2017-01-27 · 35 CVEs total

CVE-2016-3996		Samsung KNOX 安全漏洞
CVE-2017-3386		Oracle E-Business Suite 安全漏洞
CVE-2017-3397		Oracle E-Business Suite 安全漏洞
CVE-2017-3413		Oracle E-Business Suite 安全漏洞
CVE-2017-5328		Palo Alto Networks Terminal Services Agent 安全漏洞
CVE-2017-5329		Palo Alto Networks Terminal Services Agent 权限许可和访问控制问题漏洞
CVE-2017-5601		libarchive 安全漏洞
CVE-2016-1919		Samsung KNOX 安全漏洞
CVE-2016-1920		Samsung KNOX 信息泄露漏洞
CVE-2017-3368		Oracle E-Business Suite Oracle iStore 安全漏洞
CVE-2016-5822		Huawei OceanStor 5800 拒绝服务漏洞
CVE-2016-10002		Squid HTTP proxy 信息泄露漏洞
CVE-2016-10003		Squid HTTP proxy 信息泄露漏洞
CVE-2016-9448		Silicon Graphics LibTIFF 拒绝服务漏洞
CVE-2016-9453		Silicon Graphics LibTIFF 拒绝服务漏洞
CVE-2017-5598		eClinicalWorks healow@work SQL注入漏洞
CVE-2017-5599		eClinicalWorks Patient Portal 跨站脚本漏洞
CVE-2016-9634		GStreamer Good Plug-ins 缓冲区溢出漏洞
CVE-2016-5824		libical 代码问题漏洞
CVE-2016-5825		libical 安全漏洞

Showing top 20 of 35 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: n/a

V. Comments for CVE-2017-3252

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-3252

I. Basic Information for CVE-2017-3252

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-3252

III. Intelligence Information for CVE-2017-3252

Same Patch Batch · n/a · 2017-01-27 · 35 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-3252

Leave a comment