ID

VAR-201206-0057


CVE

CVE-2012-1721


TITLE

Oracle Java SE of Java Runtime Environment (JRE) In Deployment Processing vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2012-002750

DESCRIPTION

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722. This vulnerability CVE-2012-1722 Is a different vulnerability.Information is leaked by a third party, information is altered, or service operation is interrupted. (DoS) An attack may be carried out. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists because it is possible to change system properties through trusted JNLP files. If a JNLP file requests "<all-permissions/>" and only references signed, trusted JAR files, it can set all System properties. By referencing a trusted JNLP file from an untrusted one it is possible to change System Properties that can lead to remote code execution under the context of the current user. This vulnerability affects the following supported versions: 7 Update 4, 6 Update 32. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-sun security update Advisory ID: RHSA-2012:0734-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0734.html Issue date: 2012-06-13 CVE Names: CVE-2012-0551 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 ===================================================================== 1. Summary: Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. (CVE-2012-0551, CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1723, CVE-2012-1724, CVE-2012-1725) All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide JDK and JRE 6 Update 33 and resolve these issues. All running instances of Sun Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 829354 - CVE-2012-1711 OpenJDK: improper protection of CORBA data models (CORBA, 7079902) 829358 - CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606) 829360 - CVE-2012-1716 OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614) 829361 - CVE-2012-1713 OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617) 829371 - CVE-2012-1719 OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851) 829372 - CVE-2012-1718 OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872) 829373 - CVE-2012-1723 OpenJDK: insufficient field accessibility checks (HotSpot, 7152811) 829374 - CVE-2012-1724 OpenJDK: XML parsing infinite loop (JAXP, 7157609) 829376 - CVE-2012-1725 OpenJDK: insufficient invokespecial <init> verification (HotSpot, 7160757) 831353 - CVE-2012-1721 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 831354 - CVE-2012-1722 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 831355 - CVE-2012-0551 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.i586.rpm x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.i586.rpm x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el5_8.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.i586.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el5_8.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.i686.rpm x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.i686.rpm x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.i686.rpm x86_64: java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-demo-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.i686.rpm java-1.6.0-sun-devel-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.33-1jpp.1.el6_2.x86_64.rpm java-1.6.0-sun-src-1.6.0.33-1jpp.1.el6_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-0551.html https://www.redhat.com/security/data/cve/CVE-2012-1711.html https://www.redhat.com/security/data/cve/CVE-2012-1713.html https://www.redhat.com/security/data/cve/CVE-2012-1716.html https://www.redhat.com/security/data/cve/CVE-2012-1717.html https://www.redhat.com/security/data/cve/CVE-2012-1718.html https://www.redhat.com/security/data/cve/CVE-2012-1719.html https://www.redhat.com/security/data/cve/CVE-2012-1721.html https://www.redhat.com/security/data/cve/CVE-2012-1722.html https://www.redhat.com/security/data/cve/CVE-2012-1723.html https://www.redhat.com/security/data/cve/CVE-2012-1724.html https://www.redhat.com/security/data/cve/CVE-2012-1725.html https://access.redhat.com/security/updates/classification/#critical http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFP2PdfXlSAg2UNWIIRAmPoAKC0e7v7/kro/BSlg3WvTcUuUsY5GwCgnIxh yIn7jJFAEdlZRgCuCNL1mk0= =TbeE -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . More details can be found at: http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.ht ml - -- Disclosure Timeline: 2012-03-14 - Vulnerability reported to vendor 2012-12-21 - Coordinated public release of advisory - -- Credit: This vulnerability was discovered by: * Chris Ries - -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Apple Mac OS X update for Java SECUNIA ADVISORY ID: SA49542 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49542/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49542 RELEASE DATE: 2012-06-13 DISCUSS ADVISORY: http://secunia.com/advisories/49542/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/49542/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=49542 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Apple has issued an update for Java for Mac OS X. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://support.apple.com/kb/HT5319 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03441075 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03441075 Version: 1 HPSBUX02805 SSRT100919 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-08-13 Last Updated: 2012-08-13 - ----------------------------------------------------------------------------- Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE 7.0.02 and 6.0.15 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-0508 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0551 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2012-1711 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-1713 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1716 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1718 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-1719 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-1720 (AV:L/AC:H/Au:N/C:P/I:P/A:P) 3.7 CVE-2012-1721 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1722 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1723 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1724 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-1725 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1726 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location http://www.hp.com/go/java HP-UX B.11.23, B.11.31 / JDK and JRE v7.0.02 or subsequent HP-UX B.11.23, B.11.31 / JDK and JRE v6.0.15 or subsequent HP-UX B.11.11, B.11.23 / JDK and JRE v6.0.15 or subsequent MANUAL ACTIONS: Yes - Update For Java v7.0 update to Java v7.0.02 or subsequent For Java v6.0 update to Java v6.0.15 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.02.00 or subsequent HP-UX B.11.23 HP-UX B.11.31 =========== Jdk60.JDK60-COM Jdk60.JDK60-DEMO Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.15.00 or subsequent HP-UX B.11.11 HP-UX B.11.23 =========== Jdk60.JDK60-COM Jdk60.JDK60-DEMO Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W Jre60.JRE60-COM Jre60.JRE60-COM-DOC Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS action: install revision 1.6.0.15.00 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 13 August 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners

Trust: 3.24

sources: NVD: CVE-2012-1721 // JVNDB: JVNDB-2012-002750 // ZDI: ZDI-12-189 // BID: 53959 // PACKETSTORM: 113609 // PACKETSTORM: 119007 // PACKETSTORM: 113635 // PACKETSTORM: 123734 // PACKETSTORM: 115980 // PACKETSTORM: 116648 // PACKETSTORM: 115550 // PACKETSTORM: 113943

AFFECTED PRODUCTS

vendor:oraclemodel:jrescope:lteversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jdkscope:lteversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jdkscope:lteversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:lteversion:1.7.0

Trust: 1.0

vendor:sunmodel:jre 17scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 13scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 12scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 10scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 07scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 05scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 04scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.7

Trust: 0.9

vendor:sunmodel:jre 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 18scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 14scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 11scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 01scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 17scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 14scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 13scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 11scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 10scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 07scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 05scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 04scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdkscope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 20scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 18scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 02scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 2scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 32scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 30scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 27scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 24scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 23scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 22scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdkscope:eqversion:1.7

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 2scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 32scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 30scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 27scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 24scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 23scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 22scope: - version: -

Trust: 0.9

vendor:applemodel:mac os xscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.7.4

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.7.4

Trust: 0.8

vendor:sun microsystemsmodel:jdkscope:lteversion:6 update 32

Trust: 0.8

vendor:sun microsystemsmodel:jdkscope:lteversion:7 update 4

Trust: 0.8

vendor:sun microsystemsmodel:jrescope:lteversion:6 update 32

Trust: 0.8

vendor:sun microsystemsmodel:jrescope:lteversion:7 update 4

Trust: 0.8

vendor:oraclemodel:java runtimescope: - version: -

Trust: 0.7

vendor:sunmodel:jre 1.6.0 20scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.6.0 2scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.6.0 01scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 01-b06scope:eqversion:1.6

Trust: 0.6

vendor:oraclemodel:jdkscope:eqversion:1.7.0

Trust: 0.6

vendor:oraclemodel:jrescope:eqversion:1.6.0

Trust: 0.6

vendor:oraclemodel:jdkscope:eqversion:1.6.0

Trust: 0.6

vendor:oraclemodel:jrescope:eqversion:1.7.0

Trust: 0.6

vendor:xeroxmodel:freeflow print server 73.c0.41scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.b3.61scope: - version: -

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:4.0

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:3.5

Trust: 0.3

vendor:susemodel:linux enterprise server for vmware sp2scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise server sp2scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise java sp2scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise software development kit sp2scope:eqversion:11

Trust: 0.3

vendor:sunmodel:jdk 1.6.0 01-b06scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 01scope:eqversion:1.6

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:eqversion:3.27.0

Trust: 0.3

vendor:redhatmodel:network satellite (for rhelscope:eqversion:6)5.5

Trust: 0.3

vendor:redhatmodel:network satellite (for rhelscope:eqversion:5)5.5

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:tivoli system automation application managerscope:eqversion:3.2.2

Trust: 0.3

vendor:ibmmodel:tivoli system automation application managerscope:eqversion:3.2.1

Trust: 0.3

vendor:ibmmodel:tivoli system automation application managerscope:eqversion:3.2

Trust: 0.3

vendor:ibmmodel:tivoli system automation application managerscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:tivoli system automation for multiplatformsscope:eqversion:3.2.2

Trust: 0.3

vendor:ibmmodel:tivoli system automation for multiplatformsscope:eqversion:3.2.1

Trust: 0.3

vendor:ibmmodel:tivoli system automation for multiplatformsscope:eqversion:3.2

Trust: 0.3

vendor:ibmmodel:tivoli system automation for multiplatformsscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.4

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.3.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.3

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.2.1

Trust: 0.3

vendor:ibmmodel:tivoli monitoring for energy managementscope:eqversion:6.3.2.1

Trust: 0.3

vendor:ibmmodel:rational synergyscope:eqversion:7.1.0.6

Trust: 0.3

vendor:ibmmodel:rational method composerscope:eqversion:7.5.2

Trust: 0.3

vendor:ibmmodel:java se sr1scope:eqversion:7

Trust: 0.3

vendor:ibmmodel:java se sr10scope:eqversion:6

Trust: 0.3

vendor:ibmmodel:java se sr12scope:eqversion:5.0.0

Trust: 0.3

vendor:ibmmodel:java se sr13scope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:java se sr12-fp5scope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:java se sr11 pf1scope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:java se sr11scope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:java se sr10scope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:java sdk sr1scope:eqversion:7

Trust: 0.3

vendor:ibmmodel:java sdk sr13-fp6scope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:java sdk sr13-fp2scope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:java sdk sr13-fp10scope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:java sdk sr13-fp1scope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:java sdk sr13 fp11scope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:doors web accessscope:eqversion:9.4

Trust: 0.3

vendor:ibmmodel:doors web accessscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:db2 query management facilityscope:eqversion:9.1.19

Trust: 0.3

vendor:ibmmodel:db2 query management facilityscope:eqversion:10.1.5

Trust: 0.3

vendor:hpmodel:nonstop server j6.0.14.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.16scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.15scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.14.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.14scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.13.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.13scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.12.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.04scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.04scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.27scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.25.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.25scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.24.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.24scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.23scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.00scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:attachmatemodel:reflectionscope:eqversion:x2011

Trust: 0.3

vendor:attachmatemodel:reflection suite forscope:eqversion:x2011

Trust: 0.3

vendor:attachmatemodel:reflection for secure it windows serverscope:eqversion:0

Trust: 0.3

vendor:attachmatemodel:reflection for secure it unix serverscope:eqversion:0

Trust: 0.3

vendor:attachmatemodel:reflection for secure it unix clientscope:eqversion:0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:neversion:3.29.0

Trust: 0.3

vendor:ibmmodel:tivoli system automation application managerscope:neversion:3.2.21

Trust: 0.3

vendor:ibmmodel:tivoli system automation for multiplatformsscope:neversion:3.2.2.4

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibus fix packscope:neversion:7.41

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibus fix packscope:neversion:7.3.16

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibus fix packscope:neversion:7.311

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibus fix packscope:neversion:7.2.113

Trust: 0.3

vendor:ibmmodel:rational synergyscope:neversion:7.1.0.7

Trust: 0.3

vendor:ibmmodel:rational method composerscope:neversion:7.5.2.1

Trust: 0.3

vendor:ibmmodel:java se sr2scope:neversion:7

Trust: 0.3

vendor:ibmmodel:java se sr2-fp1scope:neversion:6.0.1

Trust: 0.3

vendor:ibmmodel:java se sr11scope:neversion:6

Trust: 0.3

vendor:ibmmodel:java se sr14scope:neversion:5.0

Trust: 0.3

vendor:ibmmodel:java sdk sr2scope:neversion:7

Trust: 0.3

vendor:ibmmodel:java sdk sr13 fp13scope:neversion:1.4.2

Trust: 0.3

vendor:ibmmodel:doors web accessscope:neversion:9.5

Trust: 0.3

vendor:ibmmodel:db2 query management facilityscope:neversion:9.1.20

Trust: 0.3

vendor:ibmmodel:db2 query management facilityscope:neversion:10.1.6

Trust: 0.3

sources: ZDI: ZDI-12-189 // BID: 53959 // JVNDB: JVNDB-2012-002750 // CNNVD: CNNVD-201206-242 // NVD: CVE-2012-1721

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-1721
value: HIGH

Trust: 1.0

NVD: CVE-2012-1721
value: HIGH

Trust: 0.8

ZDI: CVE-2012-1721
value: HIGH

Trust: 0.7

CNNVD: CNNVD-201206-242
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2012-1721
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2012-1721
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 8.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

sources: ZDI: ZDI-12-189 // JVNDB: JVNDB-2012-002750 // CNNVD: CNNVD-201206-242 // NVD: CVE-2012-1721

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-1721

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 119007 // PACKETSTORM: 115980 // PACKETSTORM: 115550 // CNNVD: CNNVD-201206-242

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201206-242

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-002750

PATCH

title:Oracle Java SE Critical Patch Update Advisory - June 2012url:http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html

Trust: 1.5

title:HT5319url:http://support.apple.com/kb/HT5319

Trust: 0.8

title:HPSBUX02805 SSRT100919url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c03441075

Trust: 0.8

title:SUSE-SU-2012:1231url:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html

Trust: 0.8

title:SUSE-SU-2012:1265url:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html

Trust: 0.8

title:Text Form of Oracle Java SE Critical Patch Update - June 2012 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/javacpujun2012verbose-1515971.html

Trust: 0.8

title:RHSA-2013:1456url:https://rhn.redhat.com/errata/RHSA-2013-1456.html

Trust: 0.8

title:RHSA-2013:1455url:https://rhn.redhat.com/errata/RHSA-2013-1455.html

Trust: 0.8

title:June 2012 Critical Patch Update for Java SE Releasedurl:https://blogs.oracle.com/security/entry/june_2012_critical_patch_update

Trust: 0.8

title:Oracle Corporation Javaプラグインの脆弱性に関するお知らせurl:http://www.fmworld.net/biz/common/oracle/20120614.html

Trust: 0.8

title:jre-7u5-windows-i586-iftwurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43416

Trust: 0.6

title:jre-7u5-linux-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43420

Trust: 0.6

title:jre-7u5-linux-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43419

Trust: 0.6

title:jre-7u5-solaris-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43418

Trust: 0.6

title:jre-7u5-solaris-sparcurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43417

Trust: 0.6

sources: ZDI: ZDI-12-189 // JVNDB: JVNDB-2012-002750 // CNNVD: CNNVD-201206-242

EXTERNAL IDS

db:NVDid:CVE-2012-1721

Trust: 4.1

db:BIDid:53959

Trust: 1.9

db:ZDIid:ZDI-12-189

Trust: 1.1

db:JVNDBid:JVNDB-2012-002750

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-1501

Trust: 0.7

db:CNNVDid:CNNVD-201206-242

Trust: 0.6

db:ICS CERTid:ICSA-17-213-02

Trust: 0.3

db:PACKETSTORMid:113609

Trust: 0.1

db:PACKETSTORMid:119007

Trust: 0.1

db:SECUNIAid:49542

Trust: 0.1

db:PACKETSTORMid:113635

Trust: 0.1

db:PACKETSTORMid:123734

Trust: 0.1

db:PACKETSTORMid:115980

Trust: 0.1

db:PACKETSTORMid:116648

Trust: 0.1

db:PACKETSTORMid:115550

Trust: 0.1

db:PACKETSTORMid:113943

Trust: 0.1

sources: ZDI: ZDI-12-189 // BID: 53959 // JVNDB: JVNDB-2012-002750 // PACKETSTORM: 113609 // PACKETSTORM: 119007 // PACKETSTORM: 113635 // PACKETSTORM: 123734 // PACKETSTORM: 115980 // PACKETSTORM: 116648 // PACKETSTORM: 115550 // PACKETSTORM: 113943 // CNNVD: CNNVD-201206-242 // NVD: CVE-2012-1721

REFERENCES

url:http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html

Trust: 2.8

url:http://rhn.redhat.com/errata/rhsa-2012-0734.html

Trust: 1.7

url:http://rhn.redhat.com/errata/rhsa-2013-1455.html

Trust: 1.7

url:http://rhn.redhat.com/errata/rhsa-2013-1456.html

Trust: 1.6

url:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html

Trust: 1.6

url:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html

Trust: 1.6

url:http://marc.info/?l=bugtraq&m=134496371727681&w=2

Trust: 1.6

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16358

Trust: 1.6

url:http://www.securityfocus.com/bid/53959

Trust: 1.6

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1721

Trust: 0.8

url:http://jvn.jp/cert/jvnvu162931

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1721

Trust: 0.8

url:http://www.ibm.com/developerworks/java/jdk/alerts/

Trust: 0.7

url:https://www-304.ibm.com/support/docview.wss?uid=swg21650822

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2012-1721

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2012-1713

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2012-1725

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2012-1722

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2012-1716

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2012-0551

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2012-1719

Trust: 0.5

url:http://www.zerodayinitiative.com/advisories/zdi-12-189

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-1718

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-1725.html

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-1711

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-1717.html

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-1722.html

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-0551.html

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-1721.html

Trust: 0.4

url:https://access.redhat.com/security/team/contact/

Trust: 0.4

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-1717

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-1719.html

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-1723

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-1724

Trust: 0.4

url:https://access.redhat.com/security/team/key/#package

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-1716.html

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-1713.html

Trust: 0.4

url:http://bugzilla.redhat.com/):

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-1726

Trust: 0.4

url:http://www-01.ibm.com/support/docview.wss?uid=swg21650623

Trust: 0.3

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03441075&ac.admitted=1344943226168.876444892.199480143

Trust: 0.3

url:http://java.sun.com

Trust: 0.3

url:http://www.ibm.com/support/docview.wss?uid=swg21617984

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24033779

Trust: 0.3

url:http://support.attachmate.com/techdocs/2560.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24033920

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24033922

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24031555

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24034621

Trust: 0.3

url:https://ics-cert.us-cert.gov/advisories/icsa-17-213-02

Trust: 0.3

url:http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1&ac.admitted=1378134276525.876444892.492883150

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21614441

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21620862

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?uid=swg21632668

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21618977

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21633991

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21633992

Trust: 0.3

url:http://www.vmware.com/security/advisories/vmsa-2012-0013.html

Trust: 0.3

url:http://www.xerox.com/download/security/security-bulletin/16aeb-4cd3628b94080/cert_xrx12-009_v1.1.pdf

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1718.html

Trust: 0.3

url:https://access.redhat.com/knowledge/articles/11258

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1711.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-1723.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-1724.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-0547.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-1682.html

Trust: 0.2

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.2

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.2

url:http://www.hp.com/go/java

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-1720

Trust: 0.2

url:https://www.hp.com/go/swa

Trust: 0.2

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-1726.html

Trust: 0.2

url:http://www.zerodayinitiative.com/advisories/disclosure_policy/

Trust: 0.1

url:http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.ht

Trust: 0.1

url:http://twitter.com/thezdi

Trust: 0.1

url:http://www.zerodayinitiative.com

Trust: 0.1

url:http://support.apple.com/kb/ht5319

Trust: 0.1

url:http://secunia.com/psi_30_beta_launch

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=49542

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/49542/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/49542/#comments

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2468.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-0873.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3548.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1540.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1476.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2463.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2446.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3521

Trust: 0.1

url:https://access.redhat.com/site/articles/11258

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1500.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0428.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1480.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3556.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2419.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3563.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3546

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0401.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2444.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0425.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2454.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5089.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3551.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5079.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0497.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0500.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0419.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3389.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2422.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3561.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5081.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0409.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5071.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-0863.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0423.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1532.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-3216.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5069.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0499.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0862

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-0867.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5084.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0443.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0507.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2451.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3552.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0809.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1487.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0351.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-0814.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3547.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-4820.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3549

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0503.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0427.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0433.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1493.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1569.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5073.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3554.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-4823.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2435.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2456.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-3743.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3549.html

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#low

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2407.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3553

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3516.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-0871.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3554

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2470.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5068.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1541.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-0868.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3389

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-4822.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0873

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-3159.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1557.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5075.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2471.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2429.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3548

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3521.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3551

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2443.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3547

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-3213.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0441.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2457.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2412.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5072.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3553.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0432.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0446.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1481.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1537.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3545

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1531.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2432.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2447.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-0802.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2452.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-0865.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0450.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3516

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3545.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1491.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2464.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-0862.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1571.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2383.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2418.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3561

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1473.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3556

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1563.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2465.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2472.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2466.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2424.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2453.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3544.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0867

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2473.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2433.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2437.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0506.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5083.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0501.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1533.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-3342.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0869

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0426.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2450.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3560.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3550

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3557.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-3143.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0440.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0865

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0502.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2417.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0445.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2394.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2455.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0498.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2442.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2459.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2430.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3560

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3546.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0442.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0424.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3552

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3544

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-0869.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2448.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0863

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-3550.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1486.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-5035.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3557

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2384.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0169.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0505.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2469.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0438.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0871

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0868

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1478.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0435.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0434.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0802

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0814

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2420.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2440.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-4681.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4681

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1682

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0547

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3136

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2012-1289.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-3136.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0508

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2012-1019.html

Trust: 0.1

sources: ZDI: ZDI-12-189 // BID: 53959 // JVNDB: JVNDB-2012-002750 // PACKETSTORM: 113609 // PACKETSTORM: 119007 // PACKETSTORM: 113635 // PACKETSTORM: 123734 // PACKETSTORM: 115980 // PACKETSTORM: 116648 // PACKETSTORM: 115550 // PACKETSTORM: 113943 // CNNVD: CNNVD-201206-242 // NVD: CVE-2012-1721

CREDITS

Chris Ries

Trust: 0.7

sources: ZDI: ZDI-12-189

SOURCES

db:ZDIid:ZDI-12-189
db:BIDid:53959
db:JVNDBid:JVNDB-2012-002750
db:PACKETSTORMid:113609
db:PACKETSTORMid:119007
db:PACKETSTORMid:113635
db:PACKETSTORMid:123734
db:PACKETSTORMid:115980
db:PACKETSTORMid:116648
db:PACKETSTORMid:115550
db:PACKETSTORMid:113943
db:CNNVDid:CNNVD-201206-242
db:NVDid:CVE-2012-1721

LAST UPDATE DATE

2024-12-21T19:39:07.904000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-12-189date:2012-12-21T00:00:00
db:BIDid:53959date:2017-08-03T12:09:00
db:JVNDBid:JVNDB-2012-002750date:2015-08-11T00:00:00
db:CNNVDid:CNNVD-201206-242date:2022-05-16T00:00:00
db:NVDid:CVE-2012-1721date:2024-11-21T01:37:33.410

SOURCES RELEASE DATE

db:ZDIid:ZDI-12-189date:2012-12-21T00:00:00
db:BIDid:53959date:2012-06-12T00:00:00
db:JVNDBid:JVNDB-2012-002750date:2012-06-19T00:00:00
db:PACKETSTORMid:113609date:2012-06-13T22:56:24
db:PACKETSTORMid:119007date:2012-12-21T23:56:00
db:PACKETSTORMid:113635date:2012-06-13T04:55:10
db:PACKETSTORMid:123734date:2013-10-23T22:57:57
db:PACKETSTORMid:115980date:2012-08-29T04:01:09
db:PACKETSTORMid:116648date:2012-09-19T07:23:27
db:PACKETSTORMid:115550date:2012-08-15T01:42:25
db:PACKETSTORMid:113943date:2012-06-20T14:25:38
db:CNNVDid:CNNVD-201206-242date:2012-06-18T00:00:00
db:NVDid:CVE-2012-1721date:2012-06-16T21:55:03.407