ID

VAR-201210-0266


CVE

CVE-2012-5068


TITLE

Oracle Java SE JRE Unknown security vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-201210-280

DESCRIPTION

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: 7 Update 7, 6 Update 35. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03596813 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03596813 Version: 1 HPSBOV02833 SSRT101043 rev.1 - OpenVMS running Java on Integrity Servers, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2013-01-07 Last Updated: 2013-01-07 Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on OpenVMS Integrity Servers. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. OpenVMS Integrity JDK and JRE 6.0-3.p1 and earlier. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-1531 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1532 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1533 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3143 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3159 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-3216 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-4416 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5068 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-5069 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2012-5071 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2012-5072 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5073 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-5075 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2012-5077 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2012-5079 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2012-5081 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-5083 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5084 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2012-5085 (AV:N/AC:M/Au:S/C:N/I:N/A:N) 0.0 CVE-2012-5086 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5087 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-5089 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has made the following software updates available to resolve these vulnerabilities. The updates are available from the following location: http://h18012.www1.hp.com/java/alpha Kit Name Java SE Development Kit (JDK) 6.0-4 for the OpenVMS I64 Operating System Java SE Runtime Environment (JRE) 6.0-4 for the OpenVMS I64 Operating System HISTORY Version:1 (rev.1) - 7 January 2013 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2012:169 http://www.mandriva.com/security/ _______________________________________________________________________ Package : java-1.6.0-openjdk Date : November 1, 2012 Affected: 2011., Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple security issues were identified and fixed in OpenJDK (icedtea6): * S6631398, CVE-2012-3216: FilePermission improved path checking * S7093490: adjust package access in rmiregistry * S7143535, CVE-2012-5068: ScriptEngine corrected permissions * S7167656, CVE-2012-5077: Multiple Seeders are being created * S7169884, CVE-2012-5073: LogManager checks do not work correctly for sub-types * S7169888, CVE-2012-5075: Narrowing resource definitions in JMX RMI connector * S7172522, CVE-2012-5072: Improve DomainCombiner checking * S7186286, CVE-2012-5081: TLS implementation to better adhere to RFC * S7189103, CVE-2012-5069: Executors needs to maintain state * S7189490: More improvements to DomainCombiner checking * S7189567, CVE-2012-5085: java net obselete protocol * S7192975, CVE-2012-5071: Conditional usage check is wrong * S7195194, CVE-2012-5084: Better data validation for Swing * S7195917, CVE-2012-5086: XMLDecoder parsing at close-time should be improved * S7195919, CVE-2012-5979: (sl) ServiceLoader can throw CCE without needing to create instance * S7198296, CVE-2012-5089: Refactor classloader usage * S7158800: Improve storage of symbol tables * S7158801: Improve VM CompileOnly option * S7158804: Improve config file parsing * S7176337: Additional changes needed for 7158801 fix * S7198606, CVE-2012-4416: Improve VM optimization The updated packages provides icedtea6-1.11.5 which is not vulnerable to these issues. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFQklqImqjQ0CJFipgRAiNOAJ4qA9L2NTdql1htD7pQDNJrDlPnUgCguupW xu3AOptE+B1OsUdPAeTUH5o= =2CFK -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-10-16-1 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java 1.6.0_35 Description: Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website at http://www.o racle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5086 CVE-2012-5089 CVE-2012-5979 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 may be obtained from the Software Update pane in System Preferences, Mac App Store, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6.dmg Its SHA-1 digest is: 2ca7594a6f7849b502715e8473cf46ef73570da6 For OS X Lion and Mountain Lion systems The download file is named: JavaForOSX.dmg Its SHA-1 digest is: eff777cdc39b4e3336b3477f60e8ad769ded8532 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJQfZ+bAAoJEPefwLHPlZEwF+YP/iVGN+CqCkLf7SavQUwyTQ08 a6+I34hefvCQcLCQ4EBYOzDXUJIlcH2azcGnvQsrrgWgpoE6ykqyj4fkpwLM0nF1 CfcSGOV8hmC2ZtR2PgJLcaP4FDKyNoOqLtKY6KtZnUQNcKBYcdM/y3OON9Zc0F2/ m/nQGnm3RfuXYXzSmTwJVKjuR1MkhUfZ9N6cwYUfjQC6cQaRs4tjeezd1jaobeXZ lfk5Mo/kp3KTwAKsjdwqIThGX/UXdHQm9PnGfU9ktNv0429vKTX4VarPjyLsIeiO GcBjfzRKzWYrbzTyKqKRAmtC/TcTnGJ8AfOjCP6HedeelJEbHB3iBb4ugqHzcPGG ffZ9rZy8SMVppJyv3NeJJN86Kl3etdShmhj7maxyQUopDanpZQraaarkNlSYyLql I0z4/IGX6W4Y2HYI+5wRchSewZi9mU9tw1HFZaoINaPBynEC0jihbeT5P9olX7mL 1OrWyPMPeaXtD9VRaSlV1WwPojJp26XrcWFUu6gqCOWRTzL0h83hNJrQJwTW7PrT g6ryifMGItMkmOuINyniuUbz1PcOiQZ5VhtQn8XbvjX4BpGS6GJ4IAJ0rv9nSeON PGv6JcpEAdjEdsChnDTGGTyUzQSN+HU/KTd7Jngg/Bu1v96ZAqrmVzFVkZi+6dtN 8KhhmiZ54RdiudmsUgFu =TWGY -----END PGP SIGNATURE----- . In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2012-5085) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: RHSA-2012:1386-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1386.html Issue date: 2012-10-17 CVE Names: CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 ===================================================================== 1. Summary: Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 3. Description: These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the Beans, Libraries, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5084, CVE-2012-5089) The default Java security properties configuration did not restrict access to certain com.sun.org.glassfish packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. This update lists those packages as restricted. (CVE-2012-5076, CVE-2012-5074) Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071, CVE-2012-5069, CVE-2012-5073, CVE-2012-5072) It was discovered that java.util.ServiceLoader could create an instance of an incompatible class while performing provider lookup. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2012-5079) It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS implementation did not properly handle handshake records containing an overly large data length value. An unauthenticated, remote attacker could possibly use this flaw to cause an SSL/TLS server to terminate with an exception. (CVE-2012-5081) It was discovered that the JMX component in OpenJDK could perform certain actions in an insecure manner. An untrusted Java application or applet could possibly use these flaws to disclose sensitive information. (CVE-2012-5070, CVE-2012-5075) A bug in the Java HotSpot Virtual Machine optimization code could cause it to not perform array initialization in certain cases. An untrusted Java application or applet could use this flaw to disclose portions of the virtual machine's memory. (CVE-2012-4416) It was discovered that the SecureRandom class did not properly protect against the creation of multiple seeders. An untrusted Java application or applet could possibly use this flaw to disclose sensitive information. (CVE-2012-5077) It was discovered that the java.io.FilePermission class exposed the hash code of the canonicalized path name. An untrusted Java application or applet could possibly use this flaw to determine certain system paths, such as the current working directory. (CVE-2012-3216) This update disables Gopher protocol support in the java.net package by default. Gopher support can be enabled by setting the newly introduced property, "jdk.net.registerGopherProtocol", to true. (CVE-2012-5085) This erratum also upgrades the OpenJDK package to IcedTea7 2.3.3. Refer to the NEWS file, linked to in the References, for further information. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 856124 - CVE-2012-4416 OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606) 865346 - CVE-2012-3216 OpenJDK: java.io.FilePermission information leak (Libraries, 6631398) 865348 - CVE-2012-5068 OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535) 865350 - CVE-2012-5070 OpenJDK: EnvHelp information disclosure (JMX, 7158796) 865352 - CVE-2012-5076 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198) 865354 - CVE-2012-5077 OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656) 865357 - CVE-2012-5073 OpenJDK: LogManager security bypass (Libraries, 7169884) 865359 - CVE-2012-5074 OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887) 865363 - CVE-2012-5075 OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888) 865365 - CVE-2012-5072 OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522) 865370 - CVE-2012-5081 OpenJDK: JSSE denial of service (JSSE, 7186286) 865428 - CVE-2012-5086 OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917) 865434 - CVE-2012-5087 OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549) 865471 - CVE-2012-5088 OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190) 865511 - CVE-2012-5084 OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194) 865514 - CVE-2012-5089 OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296) 865519 - CVE-2012-5071 OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975) 865531 - CVE-2012-5069 OpenJDK: Executors state handling issues (Concurrency, 7189103) 865541 - CVE-2012-5085 OpenJDK: disable Gopher support by default (Gopher, 7189567) 865568 - CVE-2012-5079 OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-3216.html https://www.redhat.com/security/data/cve/CVE-2012-4416.html https://www.redhat.com/security/data/cve/CVE-2012-5068.html https://www.redhat.com/security/data/cve/CVE-2012-5069.html https://www.redhat.com/security/data/cve/CVE-2012-5070.html https://www.redhat.com/security/data/cve/CVE-2012-5071.html https://www.redhat.com/security/data/cve/CVE-2012-5072.html https://www.redhat.com/security/data/cve/CVE-2012-5073.html https://www.redhat.com/security/data/cve/CVE-2012-5074.html https://www.redhat.com/security/data/cve/CVE-2012-5075.html https://www.redhat.com/security/data/cve/CVE-2012-5076.html https://www.redhat.com/security/data/cve/CVE-2012-5077.html https://www.redhat.com/security/data/cve/CVE-2012-5079.html https://www.redhat.com/security/data/cve/CVE-2012-5081.html https://www.redhat.com/security/data/cve/CVE-2012-5084.html https://www.redhat.com/security/data/cve/CVE-2012-5085.html https://www.redhat.com/security/data/cve/CVE-2012-5086.html https://www.redhat.com/security/data/cve/CVE-2012-5087.html https://www.redhat.com/security/data/cve/CVE-2012-5088.html https://www.redhat.com/security/data/cve/CVE-2012-5089.html https://access.redhat.com/security/updates/classification/#important http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.3/NEWS http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFQftouXlSAg2UNWIIRAu4QAJ9oluAxlU3ZC8CvezRk4Erm08HD+QCeNlqf GG07IH3dgJiG+gj47Cm1WNQ= =8X+P -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 1.98

sources: NVD: CVE-2012-5068 // BID: 56076 // VULMON: CVE-2012-5068 // PACKETSTORM: 117454 // PACKETSTORM: 119308 // PACKETSTORM: 117825 // PACKETSTORM: 117455 // PACKETSTORM: 123735 // PACKETSTORM: 117477 // PACKETSTORM: 117453 // PACKETSTORM: 117452

AFFECTED PRODUCTS

vendor:oraclemodel:jdkscope:eqversion:1.6.0

Trust: 1.6

vendor:sunmodel:jrescope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jdkscope:eqversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:lteversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jdkscope:lteversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jrescope:eqversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jdkscope:eqversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jdkscope:lteversion:1.6.0

Trust: 1.0

vendor:sunmodel:jdkscope:eqversion:1.6.0.200

Trust: 1.0

vendor:sunmodel:jdkscope:eqversion:1.6.0.210

Trust: 1.0

vendor:oraclemodel:jrescope:lteversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jre 17scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 13scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 12scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 10scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 07scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 05scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 04scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.7

Trust: 0.9

vendor:sunmodel:jre 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 18scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 14scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 11scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 01scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 17scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 14scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 13scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 11scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 10scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 07scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 05scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 04scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdkscope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 20scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 18scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 02scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 7scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 2scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 35scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 32scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 30scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 27scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 24scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 23scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 22scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdkscope:eqversion:1.7

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 7scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 2scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 35scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 32scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 30scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 27scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 24scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 23scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 22scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 20scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.6.0 2scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.6.0 01scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 01-b06scope:eqversion:1.6

Trust: 0.6

vendor:xeroxmodel:freeflow print server 73.c0.41scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.b3.61scope: - version: -

Trust: 0.3

vendor:vmwaremodel:virtualcenterscope:eqversion:2.5

Trust: 0.3

vendor:vmwaremodel:vcenter update managerscope:eqversion:5.1

Trust: 0.3

vendor:vmwaremodel:vcenter update managerscope:eqversion:5.0

Trust: 0.3

vendor:vmwaremodel:vcenter serverscope:eqversion:5.0

Trust: 0.3

vendor:vmwaremodel:vcenter serverscope:eqversion:4.1

Trust: 0.3

vendor:vmwaremodel:vcenter serverscope:eqversion:4.0

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:4.1

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:4.0

Trust: 0.3

vendor:vmwaremodel:esxscope:eqversion:3.5

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:12.10

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:12.10

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.10

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.10

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:11.04

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.04

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:11.04

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.04

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:susemodel:linux enterprise server sp4scope:eqversion:10

Trust: 0.3

vendor:susemodel:linux enterprise java sp4scope:eqversion:10

Trust: 0.3

vendor:sunmodel:jdk 1.6.0 01-b06scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 01scope:eqversion:1.6

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:eqversion:3.27.0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.2

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.1

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:redhatmodel:network satellite (for rhelscope:eqversion:6)5.5

Trust: 0.3

vendor:redhatmodel:network satellite (for rhelscope:eqversion:5)5.5

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:11.1

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:11

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:openjdkmodel:openjdkscope:eqversion:7

Trust: 0.3

vendor:openjdkmodel:openjdkscope:eqversion:6

Trust: 0.3

vendor:mandrivamodel:linux mandrake x86 64scope:eqversion:2011

Trust: 0.3

vendor:mandrivamodel:linux mandrakescope:eqversion:2011

Trust: 0.3

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.3

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.3

vendor:icedteamodel:icedteascope:eqversion:2.3.2

Trust: 0.3

vendor:icedteamodel:icedteascope:eqversion:2.2.2

Trust: 0.3

vendor:icedteamodel:icedteascope:eqversion:2.1.2

Trust: 0.3

vendor:icedteamodel:icedteascope:eqversion:1.11.4

Trust: 0.3

vendor:icedteamodel:icedteascope:eqversion:1.10.9

Trust: 0.3

vendor:ibmmodel:websphere operational decision managementscope:eqversion:8.0.1

Trust: 0.3

vendor:ibmmodel:websphere operational decision managementscope:eqversion:7.5.0.0

Trust: 0.3

vendor:ibmmodel:websphere mqscope:eqversion:7.5.0.1

Trust: 0.3

vendor:ibmmodel:websphere mqscope:eqversion:7.1.0.3

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:8.0.0.1

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:7.0.0.5

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:7.0.0.4

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:7.0.0.3

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:7.0.0.1

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:7.0.0

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:7.0.0.2

Trust: 0.3

vendor:ibmmodel:websphere ilog jrulesscope:eqversion:7.1.1

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2.3

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2.2

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2.1

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2

Trust: 0.3

vendor:ibmmodel:rational system architectscope:eqversion:11.4.2.1

Trust: 0.3

vendor:ibmmodel:rational synergyscope:eqversion:7.1.0.6

Trust: 0.3

vendor:ibmmodel:rational service testerscope:eqversion:8.3

Trust: 0.3

vendor:ibmmodel:rational performance testerscope:eqversion:8.3

Trust: 0.3

vendor:ibmmodel:rational host on-demandscope:eqversion:11.0

Trust: 0.3

vendor:ibmmodel:rational host on-demandscope:eqversion:11.0.6.1

Trust: 0.3

vendor:ibmmodel:openpages grc platformscope:eqversion:6.2

Trust: 0.3

vendor:hpmodel:nonstop server j6.0.14.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.16scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.15scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.14.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.14scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.13.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.13scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.12.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.04scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.04scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.27scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.25.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.25scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.24.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.24scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.23scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.00scope: - version: -

Trust: 0.3

vendor:hpmodel:jdk and jre for openvms integrity servers 6.0-3.p1scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:6

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:5

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura system platform sp1scope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.9.3

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.8.3

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.0.3

Trust: 0.3

vendor:avayamodel:aura system platform sp3scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system platform sp2scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:vmwaremodel:vcenter server updatescope:neversion:5.11

Trust: 0.3

vendor:vmwaremodel:update manager updatescope:neversion:5.11

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:neversion:3.29.0

Trust: 0.3

vendor:icedteamodel:icedteascope:neversion:2.3.3

Trust: 0.3

vendor:icedteamodel:icedteascope:neversion:2.2.3

Trust: 0.3

vendor:icedteamodel:icedteascope:neversion:2.1.3

Trust: 0.3

vendor:icedteamodel:icedteascope:neversion:1.11.5

Trust: 0.3

vendor:icedteamodel:icedteascope:neversion:1.10.10

Trust: 0.3

vendor:ibmmodel:rational system architectscope:neversion:11.4.2.2

Trust: 0.3

vendor:ibmmodel:rational synergyscope:neversion:7.1.0.7

Trust: 0.3

vendor:ibmmodel:rational service testerscope:neversion:8.3.0.1

Trust: 0.3

vendor:ibmmodel:rational performance testerscope:neversion:8.3.0.1

Trust: 0.3

vendor:ibmmodel:rational host on-demandscope:neversion:11.0.7

Trust: 0.3

vendor:ibmmodel:openpages grc platformscope:neversion:6.2.1

Trust: 0.3

vendor:hpmodel:jdk and jre for openvms integrity serversscope:neversion:6.0-4

Trust: 0.3

sources: BID: 56076 // CNNVD: CNNVD-201210-280 // NVD: CVE-2012-5068

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-5068
value: HIGH

Trust: 1.0

CNNVD: CNNVD-201210-280
value: HIGH

Trust: 0.6

VULMON: CVE-2012-5068
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-5068
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

sources: VULMON: CVE-2012-5068 // CNNVD: CNNVD-201210-280 // NVD: CVE-2012-5068

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-5068

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 119308 // CNNVD: CNNVD-201210-280

TYPE

Unknown

Trust: 0.3

sources: BID: 56076

PATCH

title:Oracle Java SE JRE Fixes for Unknown Security Vulnerabilities in Componentsurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=192735

Trust: 0.6

title:Red Hat: Critical: java-1.6.0-openjdk security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121384 - Security Advisory

Trust: 0.1

title:Red Hat: Important: java-1.6.0-openjdk security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121385 - Security Advisory

Trust: 0.1

title:Red Hat: Important: java-1.7.0-openjdk security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121386 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: java-1.6.0-sun security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121392 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: java-1.6.0-ibm security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121466 - Security Advisory

Trust: 0.1

title:Red Hat: Critical: java-1.7.0-oracle security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121391 - Security Advisory

Trust: 0.1

title:Amazon Linux AMI: ALAS-2012-136url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2012-136

Trust: 0.1

title:Amazon Linux AMI: ALAS-2012-137url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2012-137

Trust: 0.1

title:Ubuntu Security Notice: openjdk-6, openjdk-7 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1619-1

Trust: 0.1

title:Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20131456 - Security Advisory

Trust: 0.1

title:Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20131455 - Security Advisory

Trust: 0.1

title:Threatposturl:https://threatpost.com/apple-patches-java-flaws-101812/77126/

Trust: 0.1

sources: VULMON: CVE-2012-5068 // CNNVD: CNNVD-201210-280

EXTERNAL IDS

db:NVDid:CVE-2012-5068

Trust: 2.8

db:BIDid:56076

Trust: 2.0

db:SECUNIAid:51029

Trust: 1.7

db:SECUNIAid:51028

Trust: 1.7

db:SECUNIAid:51166

Trust: 1.7

db:SECUNIAid:51327

Trust: 1.7

db:SECUNIAid:51438

Trust: 1.7

db:CNNVDid:CNNVD-201210-280

Trust: 0.6

db:ICS CERTid:ICSA-17-213-02

Trust: 0.3

db:VULMONid:CVE-2012-5068

Trust: 0.1

db:PACKETSTORMid:117454

Trust: 0.1

db:PACKETSTORMid:119308

Trust: 0.1

db:PACKETSTORMid:117825

Trust: 0.1

db:PACKETSTORMid:117455

Trust: 0.1

db:PACKETSTORMid:123735

Trust: 0.1

db:PACKETSTORMid:117477

Trust: 0.1

db:PACKETSTORMid:117453

Trust: 0.1

db:PACKETSTORMid:117452

Trust: 0.1

sources: VULMON: CVE-2012-5068 // BID: 56076 // PACKETSTORM: 117454 // PACKETSTORM: 119308 // PACKETSTORM: 117825 // PACKETSTORM: 117455 // PACKETSTORM: 123735 // PACKETSTORM: 117477 // PACKETSTORM: 117453 // PACKETSTORM: 117452 // CNNVD: CNNVD-201210-280 // NVD: CVE-2012-5068

REFERENCES

url:http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html

Trust: 2.5

url:http://www-01.ibm.com/support/docview.wss?uid=swg21616490

Trust: 2.0

url:http://www-01.ibm.com/support/docview.wss?uid=swg21620037

Trust: 2.0

url:http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_xrx13-003_v1.0.pdf

Trust: 2.0

url:http://rhn.redhat.com/errata/rhsa-2012-1391.html

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2012-1385.html

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2012-1386.html

Trust: 1.8

url:http://www.securityfocus.com/bid/56076

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2013-1456.html

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2012-1392.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html

Trust: 1.7

url:http://marc.info/?l=bugtraq&m=135542848327757&w=2

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html

Trust: 1.7

url:http://www-01.ibm.com/support/docview.wss?uid=swg21621154

Trust: 1.7

url:http://rhn.redhat.com/errata/rhsa-2012-1466.html

Trust: 1.7

url:http://marc.info/?l=bugtraq&m=135758563611658&w=2

Trust: 1.7

url:http://secunia.com/advisories/51029

Trust: 1.7

url:http://secunia.com/advisories/51028

Trust: 1.7

url:http://secunia.com/advisories/51438

Trust: 1.7

url:http://secunia.com/advisories/51327

Trust: 1.7

url:http://secunia.com/advisories/51166

Trust: 1.7

url:http://rhn.redhat.com/errata/rhsa-2013-1455.html

Trust: 1.7

url:http://security.gentoo.org/glsa/glsa-201406-32.xml

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/79425

Trust: 1.7

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16533

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-5071

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-5072

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-3216

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-5068

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-5069

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-5073

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-5077

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-5075

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-4416

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-5089

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-5081

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-5086

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-5084

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-5085

Trust: 0.6

url:https://www.redhat.com/security/data/cve/cve-2012-5072.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2012-5073.html

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2012-5079

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2012-5089.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2012-5079.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2012-5068.html

Trust: 0.5

url:https://access.redhat.com/security/team/contact/

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2012-5081.html

Trust: 0.5

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2012-5071.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2012-3216.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2012-5069.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2012-5075.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2012-5084.html

Trust: 0.5

url:https://access.redhat.com/security/team/key/#package

Trust: 0.5

url:http://bugzilla.redhat.com/):

Trust: 0.5

url:http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-october/020556.html

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-5085.html

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-5086.html

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-4416.html

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2012-5077.html

Trust: 0.4

url:https://access.redhat.com/knowledge/articles/11258

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-1533

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-1531

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-1532

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-3143

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2012-3159

Trust: 0.4

url:http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-october/020571.html

Trust: 0.3

url:http://support.apple.com/kb/ht5549

Trust: 0.3

url:https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_java

Trust: 0.3

url:https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_java1

Trust: 0.3

url:https://ics-cert.us-cert.gov/advisories/icsa-17-213-02

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100168011

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100168009

Trust: 0.3

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03595351

Trust: 0.3

url:http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1

Trust: 0.3

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03596813

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21621951

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21621771

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21617321

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21617323

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21635864

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21618977

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21625941

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21636462

Trust: 0.3

url:http://www.vmware.com/security/advisories/vmsa-2013-0003.html

Trust: 0.3

url:http://www.vmware.com/security/advisories/vmsa-2013-0006.html

Trust: 0.3

url:www-01.ibm.com/support/docview.wss?uid=swg21621958

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2012-5087

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2012-5083

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-5979

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-1532.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-3159.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-1531.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-5083.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-1533.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-3143.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-5070

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-5070.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-5076.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-5074.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-5076

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-5088

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-5088.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-5087.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-5074

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2012:1384

Trust: 0.1

url:https://usn.ubuntu.com/1619-1/

Trust: 0.1

url:https://alas.aws.amazon.com/alas-2012-136.html

Trust: 0.1

url:http://icedtea.classpath.org/hg/release/icedtea6-1.10/file/icedtea6-1.10.10/news

Trust: 0.1

url:http://h18012.www1.hp.com/java/alpha

Trust: 0.1

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.1

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.1

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5075

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5086

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4416

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5089

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3216

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5979

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5081

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5077

Trust: 0.1

url:http://www.mandriva.com/security/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5068

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5071

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5084

Trust: 0.1

url:http://www.mandriva.com/security/advisories

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5073

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5085

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5072

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5069

Trust: 0.1

url:http://support.apple.com/kb/ht1222

Trust: 0.1

url:http://www.apple.com/support/downloads/

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:http://www.o

Trust: 0.1

url:http://gpgtools.org

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2468.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1540.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1476.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2463.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2446.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3342

Trust: 0.1

url:https://access.redhat.com/site/articles/11258

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1500.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0428.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1480.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2419.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4823

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0401.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2444.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0425.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2454.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1722.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0419.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2422.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1721.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0409.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0423.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1541

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0443.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2451.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0809.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1487.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0351.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1719

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-4820.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0427.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1569.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0433.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1493.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-4823.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2435.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2456.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-3743.html

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#low

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2407.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2470.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4822

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0547

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1541.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-4822.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1557.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1725

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2471.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2429.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3213

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2443.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0551

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1713.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-3213.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0441.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2457.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2412.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1718.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0432.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0446.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-4820

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1481.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1537.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1717.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2432.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2447.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2452.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0450.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1491.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2464.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1571.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2383.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1717

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2418.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1473.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0547.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1563.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2465.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2472.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1722

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2466.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2424.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2453.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1716

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2473.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2433.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2437.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1716.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-3342.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0426.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2450.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1718

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0440.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1725.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2417.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0445.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2394.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2455.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1682.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2442.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2459.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1713

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2430.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0442.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-0551.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0424.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1682

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2448.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-1719.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1486.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1721

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2384.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0169.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2469.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0438.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1478.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0435.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0434.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2420.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-2440.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-5067.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-5067

Trust: 0.1

url:http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.5/news

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2012-1384.html

Trust: 0.1

url:http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.3/news

Trust: 0.1

sources: VULMON: CVE-2012-5068 // BID: 56076 // PACKETSTORM: 117454 // PACKETSTORM: 119308 // PACKETSTORM: 117825 // PACKETSTORM: 117455 // PACKETSTORM: 123735 // PACKETSTORM: 117477 // PACKETSTORM: 117453 // PACKETSTORM: 117452 // CNNVD: CNNVD-201210-280 // NVD: CVE-2012-5068

CREDITS

Red Hat

Trust: 0.5

sources: PACKETSTORM: 117454 // PACKETSTORM: 123735 // PACKETSTORM: 117477 // PACKETSTORM: 117453 // PACKETSTORM: 117452

SOURCES

db:VULMONid:CVE-2012-5068
db:BIDid:56076
db:PACKETSTORMid:117454
db:PACKETSTORMid:119308
db:PACKETSTORMid:117825
db:PACKETSTORMid:117455
db:PACKETSTORMid:123735
db:PACKETSTORMid:117477
db:PACKETSTORMid:117453
db:PACKETSTORMid:117452
db:CNNVDid:CNNVD-201210-280
db:NVDid:CVE-2012-5068

LAST UPDATE DATE

2024-11-09T20:17:41.213000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2012-5068date:2017-09-19T00:00:00
db:BIDid:56076date:2017-08-28T03:12:00
db:CNNVDid:CNNVD-201210-280date:2022-05-16T00:00:00
db:NVDid:CVE-2012-5068date:2022-05-13T14:52:58.700

SOURCES RELEASE DATE

db:VULMONid:CVE-2012-5068date:2012-10-16T00:00:00
db:BIDid:56076date:2012-10-17T00:00:00
db:PACKETSTORMid:117454date:2012-10-18T06:07:56
db:PACKETSTORMid:119308date:2013-01-08T04:16:56
db:PACKETSTORMid:117825date:2012-11-02T03:34:46
db:PACKETSTORMid:117455date:2012-10-16T19:22:22
db:PACKETSTORMid:123735date:2013-10-23T22:58:21
db:PACKETSTORMid:117477date:2012-10-18T22:02:02
db:PACKETSTORMid:117453date:2012-10-18T06:07:33
db:PACKETSTORMid:117452date:2012-10-18T06:07:00
db:CNNVDid:CNNVD-201210-280date:2012-10-18T00:00:00
db:NVDid:CVE-2012-5068date:2012-10-16T21:55:01.667