Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability — CVE-2011-3544

Date
2022-03-03

Source
CISA-KEV

Vendor
Oracle

Threat
high

Exploited
Yes

Summary

Advisory CVE-2011-3544. Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability Vendor: Oracle. Source: CISA-KEV. Threat: high. Known exploited in the wild. See the official advisory for details.

What to do

General, cautious steps (verify details in the official source):

Prioritize patching or mitigation immediately (treat as actively risky).
Identify affected product versions in your inventory and verify whether you are impacted.
Apply vendor patches/updates or recommended mitigations as soon as available.
Check logs/telemetry for indicators of compromise and suspicious activity.
Consider temporary hardening: restrict access, reduce attack surface, and monitor aggressively.
Read the official advisory for exact affected versions and remediation steps.

Official advisory

Read the official source

Related advisories

Oracle CISA-KEV 2022-W09