Sign-up

ID

VAR-201208-0292


CVE

CVE-2012-4681


TITLE

Oracle Java JRE 1.7 Expression.execute() and SunToolkit.getField() fail to restrict access to privileged code

Trust: 0.8

sources: CERT/CC: VU#636312

DESCRIPTION

Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. Oracle Java Runtime Environment (JRE) 1.7 contains a vulnerability that may allow an applet to call setSecurityManager in a way that allows setting of arbitrary permissions. Oracle Provided by Java 7 Any OS A vulnerability exists that allows the command to be executed. Oracle Provided by Java 7 Is Java Any sandbox is avoided OS A vulnerability exists that allows the command to be executed. Attack code using this vulnerability has been released and attacks have been observed.Crafted Java By opening a web page with an applet embedded, OS The command may be executed. An attacker can exploit the issue to execute arbitrary code in the context of the current process. Oracle Java SE is prone to a weakness in the Java Runtime Environment. The issue can be exploited over multiple protocols and affects the 'AWT' sub-component. Note: The flaw cannot be exploited directly but is dependent on any other security vulnerability that can be directly executed first. This issue affects the following supported versions: 7 Update 6 and before, 6 Update 34 and before. It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-1682) A hardening fix was applied to the AWT component in OpenJDK, removing functionality from the restricted SunToolkit class that was used in combination with other flaws to bypass Java sandbox restrictions. (CVE-2012-0547) This erratum also upgrades the OpenJDK package to IcedTea6 1.10.9. Refer to the NEWS file, linked to in the References, for further information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03533078 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03533078 Version: 1 HPSBUX02824 SSRT100970 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. HP-UX B.11.23, and B.11.31 running HP JDK and JRE v7.0.02 and earlier BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-0574 (AV:N/AC:L/Au:N/C:N/I:N/A:N) 0.0 CVE-2012-1682 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3136 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-4681 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location http://www.hp.com/go/java HP-UX B.11.23, B.11.31 JDK and JRE v7.0.03 or subsequent MANUAL ACTIONS: Yes - Update For Java v7.0 update to Java v7.0.03 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70 Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.03.00 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 18 October 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.7.0-ibm security update Advisory ID: RHSA-2012:1289-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1289.html Issue date: 2012-09-18 CVE Names: CVE-2012-0547 CVE-2012-0551 CVE-2012-1682 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1719 CVE-2012-1721 CVE-2012-1722 CVE-2012-1725 CVE-2012-1726 CVE-2012-3136 CVE-2012-4681 ===================================================================== 1. Summary: Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-0547, CVE-2012-0551, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-1726, CVE-2012-3136, CVE-2012-4681) All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR2 release. All running instances of IBM Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 829358 - CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606) 829360 - CVE-2012-1716 OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614) 829361 - CVE-2012-1713 OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617) 829371 - CVE-2012-1719 OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851) 829376 - CVE-2012-1725 OpenJDK: insufficient invokespecial <init> verification (HotSpot, 7160757) 829377 - CVE-2012-1726 OpenJDK: java.lang.invoke.MethodHandles.Lookup does not honor access modes (Libraries, 7165628) 831353 - CVE-2012-1721 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 831354 - CVE-2012-1722 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 831355 - CVE-2012-0551 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment) 852051 - CVE-2012-4681 OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473) 853097 - CVE-2012-1682 OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476) 853138 - CVE-2012-3136 OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567) 853228 - CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-demo-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-devel-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-plugin-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-src-1.7.0.2.0-1jpp.3.el6_3.i686.rpm x86_64: java-1.7.0-ibm-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-src-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.7.0-ibm-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-src-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-demo-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-devel-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-plugin-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-src-1.7.0.2.0-1jpp.3.el6_3.i686.rpm ppc64: java-1.7.0-ibm-1.7.0.2.0-1jpp.3.el6_3.ppc64.rpm java-1.7.0-ibm-demo-1.7.0.2.0-1jpp.3.el6_3.ppc64.rpm java-1.7.0-ibm-devel-1.7.0.2.0-1jpp.3.el6_3.ppc64.rpm java-1.7.0-ibm-jdbc-1.7.0.2.0-1jpp.3.el6_3.ppc64.rpm java-1.7.0-ibm-src-1.7.0.2.0-1jpp.3.el6_3.ppc64.rpm s390x: java-1.7.0-ibm-1.7.0.2.0-1jpp.3.el6_3.s390x.rpm java-1.7.0-ibm-demo-1.7.0.2.0-1jpp.3.el6_3.s390x.rpm java-1.7.0-ibm-devel-1.7.0.2.0-1jpp.3.el6_3.s390x.rpm java-1.7.0-ibm-jdbc-1.7.0.2.0-1jpp.3.el6_3.s390x.rpm java-1.7.0-ibm-src-1.7.0.2.0-1jpp.3.el6_3.s390x.rpm x86_64: java-1.7.0-ibm-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-src-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-demo-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-devel-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-plugin-1.7.0.2.0-1jpp.3.el6_3.i686.rpm java-1.7.0-ibm-src-1.7.0.2.0-1jpp.3.el6_3.i686.rpm x86_64: java-1.7.0-ibm-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm java-1.7.0-ibm-src-1.7.0.2.0-1jpp.3.el6_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-0547.html https://www.redhat.com/security/data/cve/CVE-2012-0551.html https://www.redhat.com/security/data/cve/CVE-2012-1682.html https://www.redhat.com/security/data/cve/CVE-2012-1713.html https://www.redhat.com/security/data/cve/CVE-2012-1716.html https://www.redhat.com/security/data/cve/CVE-2012-1717.html https://www.redhat.com/security/data/cve/CVE-2012-1719.html https://www.redhat.com/security/data/cve/CVE-2012-1721.html https://www.redhat.com/security/data/cve/CVE-2012-1722.html https://www.redhat.com/security/data/cve/CVE-2012-1725.html https://www.redhat.com/security/data/cve/CVE-2012-1726.html https://www.redhat.com/security/data/cve/CVE-2012-3136.html https://www.redhat.com/security/data/cve/CVE-2012-4681.html https://access.redhat.com/security/updates/classification/#critical https://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQWPtvXlSAg2UNWIIRAjubAJ9aWLiD24KwCpPXVoVavMOB69e9AACeIDJA 8OG2piuC4TOxhny9zXTzdXQ= =XCmb -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages Description =========== Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Oracle JDK 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51" All Oracle JRE 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51" All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version: # emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51" All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea. NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically. References ========== [ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201401-30.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Web browsers using the Java 7 plug-in are at high risk. Both Java applets delivered via web browsers and stand-alone Java applications are affected, however web browsers using the Java 7 plug-in are at particularly high risk. The Java 7 plug-in, the Java Deployment Toolkit plug-in, and Java Web Start can be used as attack vectors. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate web site and upload a malicious Java applet (a "drive-by download" attack). Some vulnerabilities affect stand-alone Java applications, depending on how the Java application functions and how it processes untrusted data. Reports indicate that at least one of these vulnerabilities is being actively exploited. Impact By convincing a user to load a malicious Java applet or Java Network Launching Protocol (JNLP) file, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process. Stand-alone java applications may also be affected. Disable Java in web browsers These and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, consider disabling Java in web browsers until adequate updates have been installed. As with any software, unnecessary features should be disabled or removed as appropriate for your environment. Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. From Setting the Security Level of the Java Client: For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab. Restrict access to Java applets Network administrators unable to disable Java in web browsers may be able to help mitigate these and other Java vulnerabilities by restricting access to Java applets using a web proxy. Most web proxies have features that can be used to block or whitelist requests for .jar and .class files based on network location. Filtering requests that contain a Java User-Agent header may also be effective. For environments where Java is required on the local intranet, the proxy can be configured to allow access to Java applets hosted locally, but block access to Java applets on the internet. References * Vulnerability Note VU#858729 <http://www.kb.cert.org/vuls/id/858729> * Oracle Java SE Critical Patch Update Advisory - February 2013 <http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html> * Setting the Security Level of the Java Client <http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html> * The Security Manager <http://docs.oracle.com/javase/tutorial/essential/environment/security.html> * How to disable the Java web plug-in in Safari <https://support.apple.com/kb/HT5241> * How to turn off Java applets <https://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets> * NoScript <http://noscript.net/> * Securing Your Web Browser <https://www.us-cert.gov/reading_room/securing_browser/#Safari> * Vulnerability Note VU#636312 <http://www.kb.cert.org/vuls/id/636312#solution> * Java SE Development Kit 7, Update 13 (JDK 7u13) <http://www.oracle.com/technetwork/java/javase/7u13-relnotes-1902884.html> * Do Devs Care About Java (In)Security? (Comment about proxy filtering) <http://taosecurity.blogspot.com/2012/11/do-devs-care-about-java-insecurity.html?showComment=1353874245992#c4794680666510382012> Revision History February 01, 2013: Initial release ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA13-032A Feedback VU#858729" in the subject. ____________________________________________________________________ Produced by US-CERT, a government organization. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the java.beans.Expression class. Due to unsafe handling of reflection of privileged classes inside the Expression class it is possible for untrusted code to gain access to privileged methods and properties. More details can be found at: http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-18357 15.html - -- Disclosure Timeline: 2012-07-24 - Vulnerability reported to vendor 2012-12-21 - Coordinated public release of advisory - -- Credit: This vulnerability was discovered by: * James Forshaw (tyranid) - -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product

Trust: 3.51

sources: NVD: CVE-2012-4681 // CERT/CC: VU#636312 // JVNDB: JVNDB-2012-003918 // BID: 55336 // BID: 55339 // VULMON: CVE-2012-4681 // PACKETSTORM: 116174 // PACKETSTORM: 117662 // PACKETSTORM: 116648 // PACKETSTORM: 124943 // PACKETSTORM: 120006 // PACKETSTORM: 119029

AFFECTED PRODUCTS

vendor:redhatmodel:enterprise linux eusscope:eqversion:6.3

Trust: 1.0

vendor:oraclemodel:jdkscope:eqversion:1.6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.0

vendor:oraclemodel:jrescope:eqversion:1.7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:oraclemodel:jdkscope:eqversion:1.7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:oraclemodel:jrescope:eqversion:1.6.0

Trust: 1.0

vendor:openjdkmodel: - scope: - version: -

Trust: 0.8

vendor:oraclemodel: - scope: - version: -

Trust: 0.8

vendor:oraclemodel:jdkscope:lteversion:6 update 34

Trust: 0.8

vendor:oraclemodel:jdkscope:lteversion:7 update 6

Trust: 0.8

vendor:oraclemodel:jrescope:lteversion:6 update 34

Trust: 0.8

vendor:oraclemodel:jrescope:lteversion:7 update 6

Trust: 0.8

vendor:sun microsystemsmodel:jdkscope:lteversion:6 update 21

Trust: 0.8

vendor:sun microsystemsmodel:jrescope:lteversion:6 update 21

Trust: 0.8

vendor:necmodel:secureware/ electronic signature development kitscope:eqversion:v1.3

Trust: 0.8

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.6

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.6

vendor:ubuntumodel:linux i386scope:eqversion:11.10

Trust: 0.6

vendor:ubuntumodel:linux amd64scope:eqversion:11.10

Trust: 0.6

vendor:ubuntumodel:linux powerpcscope:eqversion:11.04

Trust: 0.6

vendor:ubuntumodel:linux i386scope:eqversion:11.04

Trust: 0.6

vendor:ubuntumodel:linux armscope:eqversion:11.04

Trust: 0.6

vendor:ubuntumodel:linux amd64scope:eqversion:11.04

Trust: 0.6

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.6

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.6

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.6

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.6

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.6

vendor:susemodel:linux enterprise server for vmware sp2scope:eqversion:11

Trust: 0.6

vendor:susemodel:linux enterprise server sp2scope:eqversion:11

Trust: 0.6

vendor:susemodel:linux enterprise desktop sp2scope:eqversion:11

Trust: 0.6

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.6

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.6

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.6

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2011

Trust: 0.6

vendor:mandrivamodel:linux mandrakescope:eqversion:2011

Trust: 0.6

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.6

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.6

vendor:ibmmodel:java se sr1scope:eqversion:7

Trust: 0.6

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.6

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.6

vendor:centosmodel:centosscope:eqversion:6

Trust: 0.6

vendor:centosmodel:centosscope:eqversion:5

Trust: 0.6

vendor:avayamodel:proactive contactscope:eqversion:5.0

Trust: 0.6

vendor:avayamodel:meeting exchangescope:eqversion:5.0

Trust: 0.6

vendor:avayamodel:iqscope:eqversion:5

Trust: 0.6

vendor:avayamodel:iqscope:eqversion:4.0

Trust: 0.6

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.6

vendor:avayamodel:aura system managerscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.0

Trust: 0.6

vendor:avayamodel:aura presence servicesscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura messagingscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura conferencing sp1 standardscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura communication managerscope:eqversion:6.0.1

Trust: 0.6

vendor:avayamodel:aura communication managerscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura application server sip corescope:eqversion:53002.0

Trust: 0.6

vendor:susemodel:opensusescope:eqversion:12.1

Trust: 0.3

vendor:susemodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:redmodel:hat enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:redmodel:hat enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux hpc node supplementaryscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:redmodel:hat enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:redmodel:hat enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:redmodel:hat enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:susemodel:linux enterprise java sp2scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise software development kit sp2scope:eqversion:11

Trust: 0.3

vendor:sunmodel:jre 17scope:eqversion:1.6

Trust: 0.3

vendor:sunmodel:jre 13scope:eqversion:1.6

Trust: 0.3

vendor:sunmodel:jre 12scope:eqversion:1.6

Trust: 0.3

vendor:sunmodel:jre 10scope:eqversion:1.6

Trust: 0.3

vendor:sunmodel:jre 07scope:eqversion:1.6

Trust: 0.3

vendor:sunmodel:jre 06scope:eqversion:1.6

Trust: 0.3

vendor:sunmodel:jre 05scope:eqversion:1.6

Trust: 0.3

vendor:sunmodel:jre 04scope:eqversion:1.6

Trust: 0.3

vendor:sunmodel:jrescope:eqversion:1.6

Trust: 0.3

vendor:sunmodel:jrescope:eqversion:1.7

Trust: 0.3

vendor:sunmodel:jre 1.6.0 31scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.6.0 21scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.6.0 20scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.6.0 19scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.6.0 18scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.6.0 15scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.6.0 14scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.6.0 11scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.6.0 03scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.6.0 02scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.6.0 01scope: - version: -

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:eqversion:3.27.0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.1

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:redhatmodel:network satellite (for rhelscope:eqversion:6)5.5

Trust: 0.3

vendor:redhatmodel:network satellite (for rhelscope:eqversion:5)5.5

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:oraclemodel:jre 1.7.0 4scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre 1.7.0 2scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre 1.6.0 32scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre 1.6.0 30scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre 1.6.0 28scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre 1.6.0 27scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre 1.6.0 26scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre 1.6.0 25scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre 1.6.0 24scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre 1.6.0 23scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre 1.6.0 22scope: - version: -

Trust: 0.3

vendor:oraclemodel:jre updatescope:eqversion:1.76

Trust: 0.3

vendor:oraclemodel:jre updatescope:eqversion:1.6.034

Trust: 0.3

vendor:ibmmodel:java sdk sr1scope:eqversion:7

Trust: 0.3

vendor:hpmodel:nonstop server j6.0.14.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.16scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.15scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.14.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.14scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.13.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.13scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.12.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.04scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.04scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.27scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.25.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.25scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.24.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.24scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.23scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.00scope: - version: -

Trust: 0.3

vendor:hpmodel:jdk and jrescope:eqversion:7.0.2

Trust: 0.3

vendor:hpmodel:jdk and jrescope:eqversion:7.0.1

Trust: 0.3

vendor:hpmodel:jdk and jrescope:eqversion:7.0

Trust: 0.3

vendor:hpmodel:hp-ux b.11.23scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:ucosminexus portal frameworkscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:ucosminexus operatorscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:ucosminexus clientscope:eqversion:09-00

Trust: 0.3

vendor:hitachimodel:ucosminexus application serverscope:eqversion:09-00

Trust: 0.3

vendor:hitachimodel:processing kit for xmlscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:hirdbscope:eqversion:8.0

Trust: 0.3

vendor:hitachimodel:hirdbscope:eqversion:7.0

Trust: 0.3

vendor:hitachimodel:cosminexus studioscope:eqversion:4.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:9.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:8.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:7.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:7

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:6.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:messaging application serverscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:call management system r16.3scope: - version: -

Trust: 0.3

vendor:avayamodel:call management system r16.2scope: - version: -

Trust: 0.3

vendor:avayamodel:call management system r16.1scope: - version: -

Trust: 0.3

vendor:avayamodel:call management system rscope:eqversion:16

Trust: 0.3

vendor:avayamodel:call management system rscope:eqversion:15

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura communication manager sp2scope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53003.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:neversion:3.29.0

Trust: 0.3

vendor:oraclemodel:jre updatescope:neversion:1.77

Trust: 0.3

vendor:oraclemodel:jre updatescope:neversion:1.6.035

Trust: 0.3

vendor:ibmmodel:java se sr2scope:neversion:7

Trust: 0.3

vendor:ibmmodel:java sdk sr2scope:neversion:7

Trust: 0.3

vendor:hpmodel:jdk and jrescope:neversion:7.0.3

Trust: 0.3

sources: CERT/CC: VU#636312 // BID: 55336 // BID: 55339 // JVNDB: JVNDB-2012-003918 // NVD: CVE-2012-4681

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-4681
value: HIGH

Trust: 1.0

NVD: CVE-2012-4681
value: HIGH

Trust: 0.8

NVD: CVE-2012-4681
value: MEDIUM

Trust: 0.8

VULMON: CVE-2012-4681
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-4681
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: CVE-2012-4681
severity: HIGH
baseScore: 10.0
vectorString: NONE
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

NVD: CVE-2012-4681
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

sources: CERT/CC: VU#636312 // VULMON: CVE-2012-4681 // JVNDB: JVNDB-2012-003918 // NVD: CVE-2012-4681

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-4681

THREAT TYPE

network

Trust: 0.6

sources: BID: 55336 // BID: 55339

TYPE

Unknown

Trust: 0.6

sources: BID: 55336 // BID: 55339

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-003918

EXPLOIT AVAILABILITY
sources:
            
            
            CERT/CC: VU#636312 // 
            
            
            
            VULMON: CVE-2012-4681

PATCH
title:NV13-001url:http://jpn.nec.com/security-info/secinfo/nv13-001.html
Trust: 0.8
title:SUSE-SU-2012:1231url:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html
Trust: 0.8
title:SUSE-SU-2012:1398url:http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
Trust: 0.8
title:Java SE Downloadsurl:http://www.oracle.com/technetwork/java/javase/downloads/index.html
Trust: 0.8
title:The Security Managerurl:http://docs.oracle.com/javase/tutorial/essential/environment/security.html
Trust: 0.8
title:Oracle Security Alert for CVE-2012-4681url:http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
Trust: 0.8
title:RHSA-2012:1225url:http://rhn.redhat.com/errata/RHSA-2012-1225.html
Trust: 0.8
title:TA12-240Aurl:http://software.fujitsu.com/jp/security/vulnerabilities/ta12-240a.html
Trust: 0.8
title:Red Hat: Important: java-1.7.0-openjdk security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121223 - Security Advisory
Trust: 0.1
title:Red Hat: Critical: java-1.7.0-oracle security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121225 - Security Advisory
Trust: 0.1
title:Red Hat: Important: java-1.6.0-openjdk security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121222 - Security Advisory
Trust: 0.1
title:Red Hat: Critical: java-1.6.0-openjdk security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121221 - Security Advisory
Trust: 0.1
title:Red Hat: Critical: java-1.7.0-ibm security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121289 - Security Advisory
Trust: 0.1
title:Red Hat: Critical: java-1.6.0-sun security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121392 - Security Advisory
Trust: 0.1
title: - url:https://github.com/Live-Hack-CVE/CVE-2012-4681 
Trust: 0.1
title:PoCs-CVE_2012_4681url:https://github.com/ZH3FENG/PoCs-CVE_2012_4681 
Trust: 0.1
title:Public-Pcapsurl:https://github.com/thongsia/Public-Pcaps 
Trust: 0.1
title:BroMalware-Exerciseurl:https://github.com/LiamRandall/BroMalware-Exercise 
Trust: 0.1
title:CVE-2012-4681-Armoringurl:https://github.com/benjholla/CVE-2012-4681-Armoring 
Trust: 0.1
title:obfuscation-stuffurl:https://github.com/alphaSeclab/obfuscation-stuff 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2012-4681 // 
            
            
            
            JVNDB: JVNDB-2012-003918

EXTERNAL IDS
db:NVDid:CVE-2012-4681
Trust: 3.8
db:USCERTid:TA12-240A
Trust: 1.8
db:CERT/CCid:VU#636312
Trust: 1.7
db:BIDid:55213
Trust: 1.0
db:SECUNIAid:51044
Trust: 1.0
db:JVNDBid:JVNDB-2012-003918
Trust: 0.8
db:ZDIid:ZDI-12-197
Trust: 0.4
db:BIDid:55336
Trust: 0.3
db:HITACHIid:HS12-023
Trust: 0.3
db:ICS CERTid:ICSA-17-213-02
Trust: 0.3
db:BIDid:55339
Trust: 0.3
db:VULMONid:CVE-2012-4681
Trust: 0.1
db:PACKETSTORMid:116174
Trust: 0.1
db:PACKETSTORMid:117662
Trust: 0.1
db:PACKETSTORMid:116648
Trust: 0.1
db:PACKETSTORMid:124943
Trust: 0.1
db:CERT/CCid:VU#858729
Trust: 0.1
db:USCERTid:TA13-032A
Trust: 0.1
db:PACKETSTORMid:120006
Trust: 0.1
db:PACKETSTORMid:119029
Trust: 0.1
sources:
            
            
            CERT/CC: VU#636312 // 
            
            
            
            VULMON: CVE-2012-4681 // 
            
            
            
            BID: 55336 // 
            
            
            
            BID: 55339 // 
            
            
            
            JVNDB: JVNDB-2012-003918 // 
            
            
            
            PACKETSTORM: 116174 // 
            
            
            
            PACKETSTORM: 117662 // 
            
            
            
            PACKETSTORM: 116648 // 
            
            
            
            PACKETSTORM: 124943 // 
            
            
            
            PACKETSTORM: 120006 // 
            
            
            
            PACKETSTORM: 119029 // 
            
            
            
            NVD: CVE-2012-4681

REFERENCES
url:http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
Trust: 2.5
url:https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day
Trust: 1.8
url:http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html
Trust: 1.8
url:http://www.us-cert.gov/cas/techalerts/ta12-240a.html
Trust: 1.8
url:http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html
Trust: 1.0
url:http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/
Trust: 1.0
url:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html
Trust: 1.0
url:http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
Trust: 1.0
url:http://marc.info/?l=bugtraq&m=135109152819176&w=2
Trust: 1.0
url:http://rhn.redhat.com/errata/rhsa-2012-1225.html
Trust: 1.0
url:http://secunia.com/advisories/51044
Trust: 1.0
url:http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html
Trust: 1.0
url:http://www.securityfocus.com/bid/55213
Trust: 1.0
url:http://www.security-explorations.com/en/se-2012-01-faq.html
Trust: 0.8
url:http://docs.oracle.com/javase/tutorial/essential/environment/security.html
Trust: 0.8
url:http://docs.oracle.com/javase/7/docs/api/java/lang/system.html#setsecuritymanager%28java.lang.securitymanager%29
Trust: 0.8
url:http://docs.oracle.com/javase/7/docs/technotes/guides/security/smportguide.html
Trust: 0.8
url:https://support.apple.com/kb/ht5241
Trust: 0.8
url:https://support.mozilla.org/en-us/kb/how%20to%20turn%20off%20java%20applets
Trust: 0.8
url:https://www.java.com/en/download/help/enable_browser.xml
Trust: 0.8
url:http://www.deependresearch.org/2012/08/java-7-0-day-vulnerability-information.html
Trust: 0.8
url:http://docs.oracle.com/javase/7/docs/technotes/guides/deployment/deployment-guide/jcp.html#java
Trust: 0.8
url:http://www.oracle.com/technetwork/java/javase/downloads/index.html
Trust: 0.8
url:http://docs.oracle.com/javase/7/docs/technotes/guides/javaws/developersguide/syntax.html
Trust: 0.8
url:http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-august/020065.html
Trust: 0.8
url:http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-august/020083.html
Trust: 0.8
url:http://support.microsoft.com/kb/2751647
Trust: 0.8
url:http://support.microsoft.com/kb/182569
Trust: 0.8
url:http://blog.eset.ie/2012/08/30/java-zero-day-vulnerability-time-to-disable-java-in-your-browser-at-least/
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4681
Trust: 0.8
url:http://www.ipa.go.jp/security/ciadr/vul/20120831-oracle.html
Trust: 0.8
url:http://www.jpcert.or.jp/at/2012/at120028.html
Trust: 0.8
url:http://jvn.jp/cert/jvnta12-240a/
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4681
Trust: 0.8
url:http://www.kb.cert.org/vuls/id/636312
Trust: 0.8
url:http://www.ibm.com/developerworks/java/jdk/alerts/
Trust: 0.7
url:http://java.sun.com
Trust: 0.6
url:https://downloads.avaya.com/css/p8/documents/100169377
Trust: 0.6
url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03533078
Trust: 0.6
url:https://downloads.avaya.com/css/p8/documents/100166370
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2012-1682
Trust: 0.5
url:http://www.zerodayinitiative.com/advisories/zdi-12-197
Trust: 0.4
url:http://www.oracle.com/technetwork/java/index.html
Trust: 0.3
url:http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-023/index.html
Trust: 0.3
url:https://ics-cert.us-cert.gov/advisories/icsa-17-213-02
Trust: 0.3
url:http://prod.lists.apple.com/archives/security-announce/2012/sep/msg00000.html
Trust: 0.3
url:http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1&ac.admitted=1378134276525.876444892.492883150
Trust: 0.3
url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c03538957&ac.admitted=1351166148724.876444892.199480143
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2012-0547
Trust: 0.3
url:https://www.redhat.com/mailman/listinfo/rhsa-announce
Trust: 0.2
url:https://access.redhat.com/security/team/contact/
Trust: 0.2
url:https://access.redhat.com/security/team/key/#package
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2012-0547.html
Trust: 0.2
url:http://bugzilla.redhat.com/):
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2012-1682.html
Trust: 0.2
url:https://access.redhat.com/knowledge/articles/11258
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2012-3136
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2012-4681
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2012-1713
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2012-1717
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2012-1721
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2012-1722
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2012-1716
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2012-1719
Trust: 0.2
url:https://rhn.redhat.com/errata/rhsa-2012-1222.html
Trust: 0.1
url:http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.9/news
Trust: 0.1
url:https://access.redhat.com/security/updates/classification/#important
Trust: 0.1
url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/
Trust: 0.1
url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/
Trust: 0.1
url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Trust: 0.1
url:https://www.hp.com/go/swa
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0574
Trust: 0.1
url:http://www.hp.com/go/java
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-4681.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1725.html
Trust: 0.1
url:https://access.redhat.com/security/updates/classification/#critical
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1717.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1722.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-0551.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1721.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1719.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1725
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1726.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1716.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-1713.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0551
Trust: 0.1
url:https://rhn.redhat.com/errata/rhsa-2012-1289.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2012-3136.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1726
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0503
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437
Trust: 0.1
url:http://creativecommons.org/licenses/by-sa/2.5
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0501
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1541
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1533
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905
Trust: 0.1
url:http://security.gentoo.org/glsa/glsa-201401-30.xml
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0499
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1532
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0504
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1723
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0507
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-5035
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0500
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0502
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1718
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0497
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1531
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3563
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1711
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0498
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797
Trust: 0.1
url:http://security.gentoo.org/
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0505
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0506
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430
Trust: 0.1
url:https://bugs.gentoo.org.
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089
Trust: 0.1
url:http://www.kb.cert.org/vuls/id/858729>
Trust: 0.1
url:http://www.us-cert.gov/privacy/notification.html
Trust: 0.1
url:http://www.kb.cert.org/vuls/id/636312#solution>
Trust: 0.1
url:http://docs.oracle.com/javase/tutorial/essential/environment/security.html>
Trust: 0.1
url:https://support.apple.com/kb/ht5241>
Trust: 0.1
url:http://www.us-cert.gov/privacy/
Trust: 0.1
url:https://www.us-cert.gov/reading_room/securing_browser/#safari>
Trust: 0.1
url:http://www.oracle.com/technetwork/java/javase/7u13-relnotes-1902884.html>
Trust: 0.1
url:https://support.mozilla.org/en-us/kb/how%20to%20turn%20off%20java%20applets>
Trust: 0.1
url:http://www.us-cert.gov/cas/signup.html
Trust: 0.1
url:http://taosecurity.blogspot.com/2012/11/do-devs-care-about-java-insecurity.html?showcomment=1353874245992#c4794680666510382012>
Trust: 0.1
url:http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html>
Trust: 0.1
url:http://www.us-cert.gov/cas/techalerts/ta13-032a.html
Trust: 0.1
url:http://noscript.net/>
Trust: 0.1
url:http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html>
Trust: 0.1
url:http://www.zerodayinitiative.com/advisories/disclosure_policy/
Trust: 0.1
url:http://twitter.com/thezdi
Trust: 0.1
url:http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-18357
Trust: 0.1
url:http://www.zerodayinitiative.com
Trust: 0.1
sources:
            
            
            CERT/CC: VU#636312 // 
            
            
            
            BID: 55336 // 
            
            
            
            BID: 55339 // 
            
            
            
            JVNDB: JVNDB-2012-003918 // 
            
            
            
            PACKETSTORM: 116174 // 
            
            
            
            PACKETSTORM: 117662 // 
            
            
            
            PACKETSTORM: 116648 // 
            
            
            
            PACKETSTORM: 124943 // 
            
            
            
            PACKETSTORM: 120006 // 
            
            
            
            PACKETSTORM: 119029 // 
            
            
            
            NVD: CVE-2012-4681

CREDITS
James Forshaw (tyranid) (via TippingPoint) and Adam Gowdiak of Security Explorations
Trust: 0.3
sources:
            
            
            BID: 55336

SOURCES
db:CERT/CCid:VU#636312
db:VULMONid:CVE-2012-4681
db:BIDid:55336
db:BIDid:55339
db:JVNDBid:JVNDB-2012-003918
db:PACKETSTORMid:116174
db:PACKETSTORMid:117662
db:PACKETSTORMid:116648
db:PACKETSTORMid:124943
db:PACKETSTORMid:120006
db:PACKETSTORMid:119029
db:NVDid:CVE-2012-4681

LAST UPDATE DATE
2024-11-11T20:01:14.311000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#636312date:2013-01-16T00:00:00
db:VULMONid:CVE-2012-4681date:2022-12-21T00:00:00
db:BIDid:55336date:2015-03-19T09:33:00
db:BIDid:55339date:2017-08-02T18:09:00
db:JVNDBid:JVNDB-2012-003918date:2013-02-04T00:00:00
db:NVDid:CVE-2012-4681date:2022-12-21T15:28:09.200

SOURCES RELEASE DATE
db:CERT/CCid:VU#636312date:2012-08-27T00:00:00
db:VULMONid:CVE-2012-4681date:2012-08-28T00:00:00
db:BIDid:55336date:2012-08-30T00:00:00
db:BIDid:55339date:2012-08-30T00:00:00
db:JVNDBid:JVNDB-2012-003918date:2012-08-29T00:00:00
db:PACKETSTORMid:116174date:2012-09-04T00:05:32
db:PACKETSTORMid:117662date:2012-10-25T15:37:06
db:PACKETSTORMid:116648date:2012-09-19T07:23:27
db:PACKETSTORMid:124943date:2014-01-27T18:30:13
db:PACKETSTORMid:120006date:2013-02-02T16:37:58
db:PACKETSTORMid:119029date:2012-12-22T15:43:25
db:NVDid:CVE-2012-4681date:2012-08-28T00:55:01.860