ID

VAR-201206-0060


CVE

CVE-2012-1724


TITLE

Oracle Java SE JRE Component JAXP Subcomponent unidentified security vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-201206-245

DESCRIPTION

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect availability, related to JAXP. The vulnerability can be exploited over multiple protocols. This issue affects the 'JAXP' sub-component. This vulnerability affects the following supported versions: 7 Update 4, 6 Update 32. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section. CVE-2012-1711 CVE-2012-1719 Multiple errors in the CORBA implementation could lead to breakouts of the Java sandbox CVE-2012-1713 Missing input sanitising in the font manager could lead to the execution of arbitrary code. CVE-2012-1716 The SynthLookAndFeel Swing class could be abused to break out of the Java sandbox. CVE-2012-1723 CVE-2012-1725 Validation errors in the bytecode verifier of the Hotspot VM could lead to breakouts of the Java sandbox. * S7143872, CVE-2012-1718: Improve certificate extension processing * S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC * S7152811, CVE-2012-1723: Issues in client compiler * S7157609, CVE-2012-1724: Issues with loop * S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile * S7110720: Issue with vm config file loadingIssue with vm config file loading * S7145239: Finetune package definition restriction * S7160677: missing else in fix for 7152811 The updated packages provides icedtea6-1.11.3 which is not vulnerable to these issues. The verification of md5 checksums and GPG signatures is performed automatically for you. (CVE-2012-1723, CVE-2012-1725) It was discovered that java.lang.invoke.MethodHandles.Lookup did not properly honor access modes. (CVE-2012-1717) This update also fixes the following bug: * Attempting to compile a SystemTap script using the jstack tapset could have failed with an error similar to the following: error: the frame size of 272 bytes is larger than 256 bytes This update corrects the jstack tapset and resolves this issue. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-openjdk security update Advisory ID: RHSA-2012:0729-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0729.html Issue date: 2012-06-13 CVE Names: CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 ===================================================================== 1. Summary: Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple flaws were discovered in the CORBA (Common Object Request Broker Architecture) implementation in Java. A malicious Java application or applet could use these flaws to bypass Java sandbox restrictions or modify immutable object data. (CVE-2012-1711, CVE-2012-1719) It was discovered that the SynthLookAndFeel class from Swing did not properly prevent access to certain UI elements from outside the current application context. A malicious Java application or applet could use this flaw to crash the Java Virtual Machine, or bypass Java sandbox restrictions. (CVE-2012-1716) Multiple flaws were discovered in the font manager's layout lookup implementation. A specially-crafted font file could cause the Java Virtual Machine to crash or, possibly, execute arbitrary code with the privileges of the user running the virtual machine. (CVE-2012-1713) Multiple flaws were found in the way the Java HotSpot Virtual Machine verified the bytecode of the class file to be executed. A specially-crafted Java application or applet could use these flaws to crash the Java Virtual Machine, or bypass Java sandbox restrictions. (CVE-2012-1723, CVE-2012-1725) It was discovered that the Java XML parser did not properly handle certain XML documents. An attacker able to make a Java application parse a specially-crafted XML file could use this flaw to make the XML parser enter an infinite loop. (CVE-2012-1724) It was discovered that the Java security classes did not properly handle Certificate Revocation Lists (CRL). CRL containing entries with duplicate certificate serial numbers could have been ignored. (CVE-2012-1718) It was discovered that various classes of the Java Runtime library could create temporary files with insecure permissions. A local attacker could use this flaw to gain access to the content of such temporary files. (CVE-2012-1717) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.11.3. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 829354 - CVE-2012-1711 OpenJDK: improper protection of CORBA data models (CORBA, 7079902) 829358 - CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606) 829360 - CVE-2012-1716 OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614) 829361 - CVE-2012-1713 OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617) 829371 - CVE-2012-1719 OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851) 829372 - CVE-2012-1718 OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872) 829373 - CVE-2012-1723 OpenJDK: insufficient field accessibility checks (HotSpot, 7152811) 829374 - CVE-2012-1724 OpenJDK: XML parsing infinite loop (JAXP, 7157609) 829376 - CVE-2012-1725 OpenJDK: insufficient invokespecial <init> verification (HotSpot, 7160757) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm i386: java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.src.rpm i386: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm x86_64: java-1.6.0-openjdk-debuginfo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-1711.html https://www.redhat.com/security/data/cve/CVE-2012-1713.html https://www.redhat.com/security/data/cve/CVE-2012-1716.html https://www.redhat.com/security/data/cve/CVE-2012-1717.html https://www.redhat.com/security/data/cve/CVE-2012-1718.html https://www.redhat.com/security/data/cve/CVE-2012-1719.html https://www.redhat.com/security/data/cve/CVE-2012-1723.html https://www.redhat.com/security/data/cve/CVE-2012-1724.html https://www.redhat.com/security/data/cve/CVE-2012-1725.html https://access.redhat.com/security/updates/classification/#critical http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.3/NEWS http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFP2Ja7XlSAg2UNWIIRAokFAJ9V8VJuhVGk/NeIz9cIUFTWFq0Y/ACfT9AU CU7+p+0KxnampfpTiGqnnPM= =ZEhT -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: uCosminexus Products Multiple Vulnerabilities SECUNIA ADVISORY ID: SA49578 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49578/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49578 RELEASE DATE: 2012-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/49578/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/49578/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=49578 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hitachi has acknowledged multiple vulnerabilities in uCosminexus products, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. The vulnerabilities are caused due to vulnerabilities in the bundled version of Cosminexus Developer's Kit for Java. For more information: SA49472 Please see the vendor's advisory for a list of affected products. ORIGINAL ADVISORY: HS12-015: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-015/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03441075 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03441075 Version: 1 HPSBUX02805 SSRT100919 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-08-13 Last Updated: 2012-08-13 - ----------------------------------------------------------------------------- Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE 7.0.02 and 6.0.15 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-0508 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-0551 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2012-1711 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-1713 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1716 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1718 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-1719 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-1720 (AV:L/AC:H/Au:N/C:P/I:P/A:P) 3.7 CVE-2012-1721 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1722 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1723 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1724 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-1725 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1726 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location http://www.hp.com/go/java HP-UX B.11.23, B.11.31 / JDK and JRE v7.0.02 or subsequent HP-UX B.11.23, B.11.31 / JDK and JRE v6.0.15 or subsequent HP-UX B.11.11, B.11.23 / JDK and JRE v6.0.15 or subsequent MANUAL ACTIONS: Yes - Update For Java v7.0 update to Java v7.0.02 or subsequent For Java v6.0 update to Java v6.0.15 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.02.00 or subsequent HP-UX B.11.23 HP-UX B.11.31 =========== Jdk60.JDK60-COM Jdk60.JDK60-DEMO Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.15.00 or subsequent HP-UX B.11.11 HP-UX B.11.23 =========== Jdk60.JDK60-COM Jdk60.JDK60-DEMO Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W Jre60.JRE60-COM Jre60.JRE60-COM-DOC Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS action: install revision 1.6.0.15.00 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 13 August 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Content-Disposition: inline ==========================================================================Ubuntu Security Notice USN-1505-2 August 30, 2012 icedtea-web regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 Summary: USN 1505-1 introduced a regression in the IcedTea-Web Java web browser plugin that prevented it from working with the Chromium web browser. Software Description: - icedtea-web: A web browser plugin to execute Java applets Details: USN-1505-1 fixed vulnerabilities in OpenJDK 6. As part of the update, IcedTea-Web packages were upgraded to a new version. That upgrade introduced a regression which prevented the IcedTea-Web plugin from working with the Chromium web browser in Ubuntu 11.04 and Ubuntu 11.10. We apologize for the inconvenience. (CVE-2012-1724) As part of this update, the IcedTea web browser applet plugin was updated for Ubuntu 10.04 LTS, Ubuntu 11.04, and Ubuntu 11.10. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: icedtea-6-plugin 1.2-2ubuntu0.11.10.3 Ubuntu 11.04: icedtea-6-plugin 1.2-2ubuntu0.11.04.3 After a standard system update you need to restart your web browser to make all the necessary changes

Trust: 2.07

sources: NVD: CVE-2012-1724 // BID: 53958 // VULMON: CVE-2012-1724 // PACKETSTORM: 113609 // PACKETSTORM: 114469 // PACKETSTORM: 113853 // PACKETSTORM: 113945 // PACKETSTORM: 113604 // PACKETSTORM: 113723 // PACKETSTORM: 115550 // PACKETSTORM: 116028 // PACKETSTORM: 114669

AFFECTED PRODUCTS

vendor:oraclemodel:jdkscope:eqversion:1.6.0

Trust: 1.6

vendor:oraclemodel:jrescope:eqversion:1.7.0

Trust: 1.6

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:08-00-01

Trust: 1.5

vendor:hitachimodel:ucosminexus developer professionalscope:eqversion:08-00-01

Trust: 1.2

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:07-00

Trust: 1.2

vendor:sunmodel:jrescope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jdkscope:eqversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:lteversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jdkscope:lteversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jdkscope:eqversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jdkscope:lteversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:lteversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jre 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 17scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 30scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 18scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 22scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 05scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 28scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 14scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 20scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 32scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 25scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 07scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 18scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 27scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 17scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 2scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 10scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 2scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 14scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 04scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 04scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 27scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 15scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 30scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 12scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdkscope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.7

Trust: 0.9

vendor:sunmodel:jre 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 23scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 01scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 4scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 1.6.0 19scope: - version: -

Trust: 0.9

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:07-00-06

Trust: 0.9

vendor:sunmodel:jre 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 07scope:eqversion:1.6

Trust: 0.9

vendor:hitachimodel:ucosminexus application server expressscope:eqversion:08-00

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 23scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 11scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 13scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 32scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 05scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 26scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 21scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 24scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 11scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 10scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdkscope:eqversion:1.7

Trust: 0.9

vendor:hitachimodel:ucosminexus operatorscope:eqversion:07-00-03

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 22scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 24scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 13scope:eqversion:1.6

Trust: 0.9

vendor:hitachimodel:ucosminexus operatorscope:eqversion:07-00-06

Trust: 0.6

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:07-10

Trust: 0.6

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-00-03

Trust: 0.6

vendor:hitachimodel:ucosminexus service platform )scope:eqversion:08-50

Trust: 0.6

vendor:sunmodel:jdk 01-b06scope:eqversion:1.6

Trust: 0.6

vendor:hitachimodel:ucosminexus application server standard )scope:eqversion:06-70

Trust: 0.6

vendor:hitachimodel:ucosminexus service architectscope:eqversion:08-00-02

Trust: 0.6

vendor:hitachimodel:ucosminexus application server standard )scope:eqversion:08-50

Trust: 0.6

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:06-70

Trust: 0.6

vendor:hitachimodel:ucosminexus application server expressscope:eqversion:09-00

Trust: 0.6

vendor:hitachimodel:ucosminexus service platformscope:eqversion:07-00

Trust: 0.6

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-00-09

Trust: 0.6

vendor:sunmodel:jre 1.6.0 2scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.6.0 01scope: - version: -

Trust: 0.6

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:08-00

Trust: 0.6

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:08-53

Trust: 0.6

vendor:hitachimodel:ucosminexus application server standard )scope:eqversion:08-00

Trust: 0.6

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:07-50

Trust: 0.6

vendor:sunmodel:jre 1.6.0 20scope: - version: -

Trust: 0.6

vendor:hitachimodel:ucosminexus service platformscope:eqversion:07-00-03

Trust: 0.6

vendor:hitachimodel:ucosminexus service platformscope:eqversion:07-00-10

Trust: 0.6

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:08-00-02

Trust: 0.3

vendor:hitachimodel:ucosminexus clientscope:eqversion:08-00

Trust: 0.3

vendor:hitachimodel:ucosminexus operatorscope:eqversion:07-60

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:07-00-06

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standard )scope:eqversion:07-00

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professionalscope:eqversion:07-00

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:eqversion:3.27.0

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-00-05

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:07-03-02

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.00scope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.10

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standard 06-71-/bscope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 01scope:eqversion:1.6

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:08-00-01

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.02scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standard 06-71-/jscope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professional 06-70-/bscope: - version: -

Trust: 0.3

vendor:attachmatemodel:reflection suite forscope:eqversion:x2011

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professionalscope:eqversion:07-10

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:neversion:3.29.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.02scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus operatorscope:eqversion:07-00

Trust: 0.3

vendor:hitachimodel:ucosminexus application server express )scope:eqversion:08-50

Trust: 0.3

vendor:hpmodel:nonstop server j06.14scope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:hitachimodel:ucosminexus application server expressscope:eqversion:09-70

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professional 06-70-/ascope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.02scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platform sp2scope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.13scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professional 06-71-/bscope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus clientscope:eqversion:08-00-01

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:hitachimodel:ucosminexus developer light 06-71-/bscope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus clientscope:eqversion:07-00

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2010.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.04scope: - version: -

Trust: 0.3

vendor:ibmmodel:security appscan sourcescope:eqversion:8.6.0.1

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.00scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2

Trust: 0.3

vendor:hpmodel:nonstop server j06.12.00scope: - version: -

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:3.5

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.01scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.4

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standard 06-71-/hscope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.16scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus client for plug-inscope:eqversion:0

Trust: 0.3

vendor:hpmodel:nonstop server j6.0.14.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professionalscope:eqversion:06-70

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.c0.41scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:hitachimodel:ucosminexus developerscope:eqversion:010

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:07-03-02

Trust: 0.3

vendor:redhatmodel:enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:hitachimodel:ucosminexus service platform messagingscope:eqversion:-0

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professionalscope:eqversion:08-00-02

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.02scope: - version: -

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2011

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.00scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professionalscope:eqversion:06-71

Trust: 0.3

vendor:ibmmodel:security appscan sourcescope:neversion:8.6.0.2

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.02scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-10-01

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:hitachimodel:ucosminexus application server express )scope:eqversion:08-00

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.00scope: - version: -

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.4

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standard 06-71-/cscope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:08-53

Trust: 0.3

vendor:hpmodel:nonstop server h06.24.01scope: - version: -

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:hitachimodel:ucosminexus operatorscope:eqversion:07-50-10

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-00-06

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:07-00-05

Trust: 0.3

vendor:hitachimodel:ucosminexus operatorscope:eqversion:6.7

Trust: 0.3

vendor:hpmodel:nonstop server h06.25scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus application server lightscope:eqversion:0

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.00scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.b3.61scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:07-60

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standard )scope:eqversion:08-20

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:hitachimodel:ucosminexus developer light 06-70-/bscope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:11.04

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:07-20

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.00scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:07-00-06

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-00-01

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-03-02

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.04scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.01scope: - version: -

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:4.0

Trust: 0.3

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.3

vendor:attachmatemodel:reflection for secure it unix serverscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:ucosminexus clientscope:eqversion:07-10-01

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.24scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standard 06-71-/ascope: - version: -

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.1

Trust: 0.3

vendor:hitachimodel:ucosminexus clientscope:eqversion:07-10

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2010.1

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.00scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professional for plug-inscope:eqversion:0

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.03scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.0

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:07-20

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:08-00

Trust: 0.3

vendor:hpmodel:nonstop server j06.13.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.23scope: - version: -

Trust: 0.3

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.02scope: - version: -

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:08-53

Trust: 0.3

vendor:hpmodel:nonstop serverscope:eqversion:6

Trust: 0.3

vendor:hitachimodel:ucosminexus developer light 06-70-/dscope: - version: -

Trust: 0.3

vendor:attachmatemodel:reflection for secure it windows serverscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:07-00-09

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-00-02

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.04

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:hitachimodel:ucosminexus developer lightscope:eqversion:06-70

Trust: 0.3

vendor:hitachimodel:ucosminexus clientscope:eqversion:07-00-03

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.04

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.03scope: - version: -

Trust: 0.3

vendor:attachmatemodel:reflectionscope:eqversion:x2011

Trust: 0.3

vendor:hitachimodel:ucosminexus operatorscope:eqversion:07-00-10

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:hitachimodel:ucosminexus developer light 06-70-/ascope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:07-50

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:07-00

Trust: 0.3

vendor:hpmodel:nonstop server j06.15scope: - version: -

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2011

Trust: 0.3

vendor:hitachimodel:ucosminexus developer lightscope:eqversion:06-71

Trust: 0.3

vendor:attachmatemodel:reflection for secure it unix clientscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:07-60

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.02scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus application server expressscope:eqversion:08-70

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.00scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:08-00-01

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:07-10

Trust: 0.3

vendor:hitachimodel:ucosminexus operatorscope:eqversion:07-03-02

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.2

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.02scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:08-50

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer light 06-70-/cscope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus application server express (solaris(sparcscope:eqversion:08-00

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura conferencing standardscope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:08-00-02

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:07-00-09

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standard 06-70-/bscope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.10

Trust: 0.3

vendor:hitachimodel:ucosminexus application server smart editionscope:eqversion:0

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26.01scope: - version: -

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura conferencing sp1 standardscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus primary server basescope:eqversion:0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.00scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professional 06-71-/cscope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-03-03

Trust: 0.3

vendor:hitachimodel:ucosminexus developer light 06-71-/dscope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-50-01

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:08-00

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platform sp3scope:eqversion:6.0

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp1scope:eqversion:11

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:08-53

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professional 06-71-/jscope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 1.6.0 01-b06scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professional 06-71-/hscope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:06-70

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-50

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.00scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.03scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus application server express )scope:eqversion:09-00

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professionalscope:eqversion:08-00

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standard-rscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standard 06-70-/cscope: - version: -

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.02scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professional 06-70-/fscope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.1

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.00scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professionalscope:eqversion:08-53

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:11.04

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.02scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:06-71

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp2scope:eqversion:11

Trust: 0.3

vendor:hitachimodel:ucosminexus developer light 06-71-/cscope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.02scope: - version: -

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:07-00

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.03scope: - version: -

Trust: 0.3

vendor:avayamodel:aura conferencing standardscope:eqversion:6.0

Trust: 0.3

vendor:hitachimodel:ucosminexus developer professional 06-71-/ascope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.01scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus application server standardscope:eqversion:07-50-10

Trust: 0.3

vendor:hpmodel:nonstop server h06.25.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.27scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.14.02scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standardscope:eqversion:07-00-10

Trust: 0.3

vendor:hitachimodel:ucosminexus developer standard 06-70-/ascope: - version: -

Trust: 0.3

sources: BID: 53958 // CNNVD: CNNVD-201206-245 // NVD: CVE-2012-1724

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-1724
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-201206-245
value: MEDIUM

Trust: 0.6

VULMON: CVE-2012-1724
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-1724
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

sources: VULMON: CVE-2012-1724 // CNNVD: CNNVD-201206-245 // NVD: CVE-2012-1724

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-1724

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 115550 // CNNVD: CNNVD-201206-245

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201206-245

PATCH

title:jre-7u5-solaris-sparcurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43417

Trust: 0.6

title:jre-7u5-windows-i586-iftwurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43416

Trust: 0.6

title:jre-7u5-linux-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43420

Trust: 0.6

title:jre-7u5-linux-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43419

Trust: 0.6

title:jre-7u5-solaris-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43418

Trust: 0.6

title:Red Hat: Important: java-1.6.0-openjdk security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120730 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: java-1.6.0-openjdk security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120729 - Security Advisory

Trust: 0.1

title:Red Hat: Important: java-1.7.0-openjdk security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121009 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: java-1.6.0-sun security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120734 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: java-1.7.0-oracle security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121019 - Security Advisory

Trust: 0.1

title:Ubuntu Security Notice: icedtea-web regressionurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1505-2

Trust: 0.1

title:Ubuntu Security Notice: icedtea-web, openjdk-6 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1505-1

Trust: 0.1

title:Debian CVElist Bug Report Logs: Multiple security issuesurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=7cdfa8352322325a72cf46ff8e206909

Trust: 0.1

title:Debian Security Advisories: DSA-2507-1 openjdk-6 -- several vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=d2e928cec2eba459dd773bba1bb061d9

Trust: 0.1

title:Amazon Linux AMI: ALAS-2012-088url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2012-088

Trust: 0.1

sources: VULMON: CVE-2012-1724 // CNNVD: CNNVD-201206-245

EXTERNAL IDS

db:NVDid:CVE-2012-1724

Trust: 2.8

db:BIDid:53958

Trust: 2.0

db:CNNVDid:CNNVD-201206-245

Trust: 0.6

db:HITACHIid:HS12-015

Trust: 0.4

db:ICS CERTid:ICSA-17-213-02

Trust: 0.3

db:HITACHIid:HS12-016

Trust: 0.3

db:SECUNIAid:49578

Trust: 0.2

db:VULMONid:CVE-2012-1724

Trust: 0.1

db:PACKETSTORMid:113609

Trust: 0.1

db:PACKETSTORMid:114469

Trust: 0.1

db:PACKETSTORMid:113853

Trust: 0.1

db:PACKETSTORMid:113945

Trust: 0.1

db:PACKETSTORMid:113604

Trust: 0.1

db:PACKETSTORMid:113723

Trust: 0.1

db:PACKETSTORMid:115550

Trust: 0.1

db:PACKETSTORMid:116028

Trust: 0.1

db:PACKETSTORMid:114669

Trust: 0.1

sources: VULMON: CVE-2012-1724 // BID: 53958 // PACKETSTORM: 113609 // PACKETSTORM: 114469 // PACKETSTORM: 113853 // PACKETSTORM: 113945 // PACKETSTORM: 113604 // PACKETSTORM: 113723 // PACKETSTORM: 115550 // PACKETSTORM: 116028 // PACKETSTORM: 114669 // CNNVD: CNNVD-201206-245 // NVD: CVE-2012-1724

REFERENCES

url:http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html

Trust: 2.4

url:http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-june/019076.html

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2012-0734.html

Trust: 1.8

url:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

Trust: 1.7

url:http://marc.info/?l=bugtraq&m=134496371727681&w=2

Trust: 1.7

url:http://www.securityfocus.com/bid/53958

Trust: 1.7

url:http://www.mandriva.com/security/advisories?name=mdvsa-2012:095

Trust: 1.7

url:http://www.mandriva.com/security/advisories?name=mdvsa-2013:150

Trust: 1.7

url:http://security.gentoo.org/glsa/glsa-201406-32.xml

Trust: 1.7

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16659

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-1718

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-1713

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-1716

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-1724

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-1711

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-1717

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-1725

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-1723

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-1719

Trust: 0.7

url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-015/index.html

Trust: 0.4

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03441075&ac.admitted=1344943226168.876444892.199480143

Trust: 0.3

url:http://java.sun.com

Trust: 0.3

url:http://support.attachmate.com/techdocs/2560.html

Trust: 0.3

url:https://ics-cert.us-cert.gov/advisories/icsa-17-213-02

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100163510

Trust: 0.3

url:http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1&ac.admitted=1378134276525.876444892.492883150

Trust: 0.3

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04126444

Trust: 0.3

url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-016/index.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21616184

Trust: 0.3

url:http://www.vmware.com/security/advisories/vmsa-2012-0013.html

Trust: 0.3

url:http://www.xerox.com/download/security/security-bulletin/16aeb-4cd3628b94080/cert_xrx12-009_v1.1.pdf

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1725.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1718.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1717.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1711.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1723.html

Trust: 0.3

url:https://access.redhat.com/security/team/contact/

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1719.html

Trust: 0.3

url:https://access.redhat.com/knowledge/articles/11258

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1724.html

Trust: 0.3

url:https://access.redhat.com/security/team/key/#package

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1716.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2012-1713.html

Trust: 0.3

url:http://bugzilla.redhat.com/):

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-1721

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-1722

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0551

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-1726

Trust: 0.2

url:http://www.ubuntu.com/usn/usn-1505-1

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=26160

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://usn.ubuntu.com/1505-2/

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1722.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0551.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1721.html

Trust: 0.1

url:http://www.debian.org/security/faq

Trust: 0.1

url:http://www.debian.org/security/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1711

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1719

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1716

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1723

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1725

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1717

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1724

Trust: 0.1

url:http://www.mandriva.com/security/

Trust: 0.1

url:http://www.mandriva.com/security/advisories

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1713

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1718

Trust: 0.1

url:http://icedtea.classpath.org/hg/release/icedtea7-2.2/file/icedtea-2.2.1/news

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2012-1009.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1726.html

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2012-0729.html

Trust: 0.1

url:http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.3/news

Trust: 0.1

url:http://secunia.com/advisories/49578/

Trust: 0.1

url:http://secunia.com/psi_30_beta_launch

Trust: 0.1

url:http://secunia.com/advisories/49578/#comments

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=49578

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.1

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.1

url:http://www.hp.com/go/java

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1720

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0508

Trust: 0.1

url:https://www.hp.com/go/swa

Trust: 0.1

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/icedtea-web/1.2-2ubuntu0.11.04.3

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-1505-2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/icedtea-web/1.2-2ubuntu0.11.10.3

Trust: 0.1

url:https://launchpad.net/bugs/1025553

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openjdk-6/6b24-1.11.3-1ubuntu0.11.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/icedtea-web/1.2-2ubuntu0.11.10.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openjdk-6/6b24-1.11.3-1ubuntu0.11.10.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/icedtea-web/1.2-2ubuntu0.10.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openjdk-6/6b24-1.11.3-1ubuntu0.12.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openjdk-6/6b24-1.11.3-1ubuntu0.10.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/icedtea-web/1.2-2ubuntu0.11.04.1

Trust: 0.1

sources: VULMON: CVE-2012-1724 // BID: 53958 // PACKETSTORM: 113609 // PACKETSTORM: 114469 // PACKETSTORM: 113853 // PACKETSTORM: 113945 // PACKETSTORM: 113604 // PACKETSTORM: 113723 // PACKETSTORM: 115550 // PACKETSTORM: 116028 // PACKETSTORM: 114669 // CNNVD: CNNVD-201206-245 // NVD: CVE-2012-1724

CREDITS

Oracle

Trust: 0.3

sources: BID: 53958

SOURCES

db:VULMONid:CVE-2012-1724
db:BIDid:53958
db:PACKETSTORMid:113609
db:PACKETSTORMid:114469
db:PACKETSTORMid:113853
db:PACKETSTORMid:113945
db:PACKETSTORMid:113604
db:PACKETSTORMid:113723
db:PACKETSTORMid:115550
db:PACKETSTORMid:116028
db:PACKETSTORMid:114669
db:CNNVDid:CNNVD-201206-245
db:NVDid:CVE-2012-1724

LAST UPDATE DATE

2024-11-12T21:39:46.191000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2012-1724date:2018-01-18T00:00:00
db:BIDid:53958date:2017-08-03T11:09:00
db:CNNVDid:CNNVD-201206-245date:2022-05-16T00:00:00
db:NVDid:CVE-2012-1724date:2022-05-13T14:52:55.103

SOURCES RELEASE DATE

db:VULMONid:CVE-2012-1724date:2012-06-16T00:00:00
db:BIDid:53958date:2012-06-12T00:00:00
db:PACKETSTORMid:113609date:2012-06-13T22:56:24
db:PACKETSTORMid:114469date:2012-07-05T18:33:01
db:PACKETSTORMid:113853date:2012-06-19T01:15:18
db:PACKETSTORMid:113945date:2012-06-20T14:26:44
db:PACKETSTORMid:113604date:2012-06-13T22:55:21
db:PACKETSTORMid:113723date:2012-06-15T04:27:32
db:PACKETSTORMid:115550date:2012-08-15T01:42:25
db:PACKETSTORMid:116028date:2012-08-30T00:37:34
db:PACKETSTORMid:114669date:2012-07-13T02:22:30
db:CNNVDid:CNNVD-201206-245date:2012-06-18T00:00:00
db:NVDid:CVE-2012-1724date:2012-06-16T21:55:03.547