ID

VAR-201302-0020


CVE

CVE-2012-3213


TITLE

Oracle Java contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#858729

DESCRIPTION

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting. Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists due to insufficient checks during deserialization in the NativeJavaConstructor class that is part of the Rhino JavaScript Engine. This allows for the construction of otherwise privileged objects which can lead to remote code execution under the context of the current user. Note: This issue was previously discussed in BID 57670 (Oracle Java Runtime Environment Multiple Security Vulnerabilities) but has been given its own record to better document it. This vulnerability affects the following supported versions: 7 Update 11, 6 Update 38. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13 Java for OS X 2013-001 and Mac OS X v10.6 Update 13 is now available and addresses the following: Java Available for: OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java 1.6.0_37 Description: Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at http://www.oracle.com/technetwork/java/javase/ releasenotes-136954.html CVE-ID CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java Description: Multiple vulnerabilities existed in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Further information is available via the Java website at http://www.o racle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2013-1486 CVE-2013-1487 CVE-2013-1488 Malware removal Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Description: This update runs a malware removal tool that will remove the most common variants of malware. If malware is found, it presents a dialog notifying the user that malware was removed. There is no indication to the user if malware is not found. Java for OS X 2013-001 and Java for Mac OS X 10.6 Update 13 may be obtained from the Software Update pane in System Preferences, Mac App Store, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6.Update13.dmg Its SHA-1 digest is: 5327984bc0b300c237fe69cecf69513624f56b0e For OS X Lion and Mountain Lion systems The download file is named: JavaForOSX2013-001.dmg Its SHA-1 digest is: 145d74354241cf2f567d2768bbd0a7185e7d308a Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJRI/A/AAoJEPefwLHPlZEwDp4QAKz9nfo397KaudpFDey26bsb GNR8HQ3Z5Ln0ArgwBcc2XabzIYXsjmY7nPdZgq1m0sWgFGWtfQ7qslRooUyNLOsB WUddu+hQYvPn3CJOZsaPfTA2mfK6Qk9LeyqzUUkZrRNltHnIFMO7uXLEIdrFdnnx exFMPjbIq+xM5UZgvd/2grtF4DaZHnbcK+t/tDwH09/hGRQ+l+3a/3FB2S1Av85c FSuiieyrz2NNnDwFCj5NeSFQuK7hr52TiSOEPYI2eiTepyBHrUy03wAe8uwIzQII RjkY3Nbc8AZt0Q6lq5TgsQbH+vrwVE07nty36uMKmE2vJXyOAIZjfrrwv9SetLwd QnU5NYMbeHAHmSN5JQfuvDxEfL15/7Jafw2noJGotdrMzs6XQACFIHKqLORdwNkp sltj3LwykpcyoCR8Dq7NPafqhp2wySaHX8DFSohcq1aa1w+SLDgPCZUAzknwokCL f/hVQzP6hD0uHP/2jsLjh5g6TgHmCRdR+CKCs7QZaYAUketelRX9YOcgcXzqf5sy EcbDvJ+rd3KsQ9gIByGwVhHD87NSZDJAyG0ROjMMS9w/7l7nhGxedzGzlyK3oNl/ VpewgZ8FpUrvY80HOPz5XyFmX+HQoSnJ8er6OI5AvHBPn+Z1yHDLS5zpLeDD/wO9 rmbzMJjZUnlCDXoLEVQ9 =qlVo -----END PGP SIGNATURE----- . Download and install the updates from The HP Software Support Online (SSO). SM 9.31P2 Server Windows Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00423 HP Itanium Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00420 Linux Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00421 Solaris Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00422 AIX Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00419 SM 9.31P2 Web Tier Web Tier 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00424 SM 9.31P2 Windows Client Windows Client 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00425 SM 9.31P2 Knowledge Management SM 9.31P2 Knowledge Management http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00426 HP Service Manager v7.11 Patch URL AIX Server 7.11.655 p21 http://support.openview.hp.com/selfsolve/document/LID/HPSM_00482 HP Itanium Server 7.11.655 p21 http://support.openview.hp.com/selfsolve/document/LID/HPSM_00483 HP parisc Server 7.11.655 p21 http://support.openview.hp.com/selfsolve/document/LID/HPSM_00484 Linux x86 Server 7.11.655 p21 http://support.openview.hp.com/selfsolve/document/LID/HPSM_00485 Solaris Server 7.11.655 p21 http://support.openview.hp.com/selfsolve/document/LID/HPSM_00486 Windows Server 7.11.655 p21 http://support.openview.hp.com/selfsolve/document/LID/HPSM_00487 Web Tier 7.11.655 p21 http://support.openview.hp.com/selfsolve/document/LID/HPSM_00488 Windows Client 7.11.655 p21 http://support.openview.hp.com/selfsolve/document/LID/HPSM_00489 HISTORY Version:1 (rev.1) - 29 April 2013 Initial release Version:2 (rev.2) - 30 October 2013 added HP Service Manager v7.11 Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.7.0-ibm security update Advisory ID: RHSA-2013:0626-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0626.html Issue date: 2013-03-11 CVE Names: CVE-2012-1541 CVE-2012-3174 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0422 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0431 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0437 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0445 CVE-2013-0446 CVE-2013-0449 CVE-2013-0450 CVE-2013-0809 CVE-2013-1473 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487 CVE-2013-1493 ===================================================================== 1. Summary: Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-1541, CVE-2012-3174, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0422, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0449, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1484, CVE-2013-1485, CVE-2013-1486, CVE-2013-1487, CVE-2013-1493) All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR4 release. All running instances of IBM Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393) 894172 - CVE-2013-0422 OpenJDK: MethodHandles.Lookup incorrect permission checks, Java 7 0day (Libraries, 8006017) 894934 - CVE-2012-3174 OpenJDK: MethodHandles incorrect permission checks (Libraries, 8004933) 906447 - CVE-2013-0431 OpenJDK: JMX Introspector missing package access check (JMX, 8000539, SE-2012-01 Issue 52) 906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318) 906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068) 906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972) 906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977) 906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057) 906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325) 906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537) 906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906932 - CVE-2013-0449 Oracle JDK: unspecified vulnerability fixed in 7u13 (Deployment) 906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29) 907218 - CVE-2013-0444 OpenJDK: MethodFinder insufficient checks for cached results (Beans, 7200493) 907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952) 907222 - CVE-2013-0437 Oracle JDK: unspecified vulnerability fixed in 7u13 (2D) 907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting) 907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX) 907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392) 907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509) 907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528) 907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235) 907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941) 907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071) 907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631) 907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066) 913014 - CVE-2013-1486 OpenJDK: MBeanServer insufficient privilege restrictions (JMX, 8006446) 913021 - CVE-2013-1484 OpenJDK: MethodHandleProxies insufficient privilege checks (Libraries, 8004937) 913025 - CVE-2013-1485 OpenJDK: MethodHandles insufficient privilege checks (Libraries, 8006439) 913030 - CVE-2013-1487 Oracle JDK: unspecified vulnerability fixed in 6u41 and 7u15 (Deployment) 917550 - CVE-2013-0809 OpenJDK: Specially crafted sample model integer overflow (2D, 8007014) 917553 - CVE-2013-1493 OpenJDK: CMM malformed raster memory corruption (2D, 8007675) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el5_9.i386.rpm x86_64: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el5_9.i386.rpm ppc: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el5_9.ppc.rpm java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el5_9.ppc64.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el5_9.ppc.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el5_9.ppc64.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el5_9.ppc.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el5_9.ppc64.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el5_9.ppc.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el5_9.ppc64.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el5_9.ppc.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el5_9.ppc.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el5_9.ppc64.rpm s390x: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el5_9.s390.rpm java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el5_9.s390x.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el5_9.s390.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el5_9.s390x.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el5_9.s390.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el5_9.s390x.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el5_9.s390.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el5_9.s390x.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el5_9.s390.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el5_9.s390x.rpm x86_64: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el5_9.i386.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el5_9.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el6_4.i686.rpm x86_64: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el6_4.i686.rpm ppc64: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el6_4.ppc64.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el6_4.ppc64.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el6_4.ppc64.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el6_4.ppc64.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el6_4.ppc64.rpm s390x: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el6_4.s390x.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el6_4.s390x.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el6_4.s390x.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el6_4.s390x.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el6_4.s390x.rpm x86_64: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el6_4.i686.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el6_4.i686.rpm x86_64: java-1.7.0-ibm-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm java-1.7.0-ibm-src-1.7.0.4.0-1jpp.2.el6_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2012-1541.html https://www.redhat.com/security/data/cve/CVE-2012-3174.html https://www.redhat.com/security/data/cve/CVE-2012-3213.html https://www.redhat.com/security/data/cve/CVE-2012-3342.html https://www.redhat.com/security/data/cve/CVE-2013-0351.html https://www.redhat.com/security/data/cve/CVE-2013-0409.html https://www.redhat.com/security/data/cve/CVE-2013-0419.html https://www.redhat.com/security/data/cve/CVE-2013-0422.html https://www.redhat.com/security/data/cve/CVE-2013-0423.html https://www.redhat.com/security/data/cve/CVE-2013-0424.html https://www.redhat.com/security/data/cve/CVE-2013-0425.html https://www.redhat.com/security/data/cve/CVE-2013-0426.html https://www.redhat.com/security/data/cve/CVE-2013-0427.html https://www.redhat.com/security/data/cve/CVE-2013-0428.html https://www.redhat.com/security/data/cve/CVE-2013-0431.html https://www.redhat.com/security/data/cve/CVE-2013-0432.html https://www.redhat.com/security/data/cve/CVE-2013-0433.html https://www.redhat.com/security/data/cve/CVE-2013-0434.html https://www.redhat.com/security/data/cve/CVE-2013-0435.html https://www.redhat.com/security/data/cve/CVE-2013-0437.html https://www.redhat.com/security/data/cve/CVE-2013-0438.html https://www.redhat.com/security/data/cve/CVE-2013-0440.html https://www.redhat.com/security/data/cve/CVE-2013-0441.html https://www.redhat.com/security/data/cve/CVE-2013-0442.html https://www.redhat.com/security/data/cve/CVE-2013-0443.html https://www.redhat.com/security/data/cve/CVE-2013-0444.html https://www.redhat.com/security/data/cve/CVE-2013-0445.html https://www.redhat.com/security/data/cve/CVE-2013-0446.html https://www.redhat.com/security/data/cve/CVE-2013-0449.html https://www.redhat.com/security/data/cve/CVE-2013-0450.html https://www.redhat.com/security/data/cve/CVE-2013-0809.html https://www.redhat.com/security/data/cve/CVE-2013-1473.html https://www.redhat.com/security/data/cve/CVE-2013-1476.html https://www.redhat.com/security/data/cve/CVE-2013-1478.html https://www.redhat.com/security/data/cve/CVE-2013-1480.html https://www.redhat.com/security/data/cve/CVE-2013-1484.html https://www.redhat.com/security/data/cve/CVE-2013-1485.html https://www.redhat.com/security/data/cve/CVE-2013-1486.html https://www.redhat.com/security/data/cve/CVE-2013-1487.html https://www.redhat.com/security/data/cve/CVE-2013-1493.html https://access.redhat.com/security/updates/classification/#critical https://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFRPja8XlSAg2UNWIIRAheUAJ0YfD3Wq1TJTNvd9g6aoCaIIOMstgCfRXuh Y+iAc4f3P9/We3tINcGRMdo= =Yacn -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Oracle JDK 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51" All Oracle JRE 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51" All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version: # emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51" All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea. NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically. References ========== [ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201401-30.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Oracle Java Multiple Vulnerabilities SECUNIA ADVISORY ID: SA52064 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52064/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52064 RELEASE DATE: 2013-02-02 DISCUSS ADVISORY: http://secunia.com/advisories/52064/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/52064/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=52064 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Java, which can be exploited by malicious local users to gain escalated privileges and by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. 1) An unspecified error in the 2D component of the client and server deployment can be exploited to potentially execute arbitrary code. 2) An unspecified error in the 2D component of the client and server deployment can be exploited to potentially execute arbitrary code. 5) An unspecified error in the AWT component of the client and server deployment can be exploited to potentially execute arbitrary code. 23) An unspecified error in the Deployment component of the client deployment can be exploited to disclose and manipulate certain data and cause a DoS. 24) An unspecified error in the Install component of the client deployment can be exploited by a local user to gain escalated privileges. 25) An unspecified error in the AWT component of the client deployment can be exploited to disclose and manipulate certain data. 26) An unspecified error in the Deployment component of the client deployment can be exploited to disclose certain data. 27) An unspecified error in the Deployment component of the client deployment can be exploited to manipulate certain data. 28) An unspecified error in the JAX-WS component of the client deployment can be exploited to disclose certain data. 29) An unspecified error in the JAXP component of the client deployment can be exploited to disclose certain data. 30) An unspecified error in the JMX component of the client deployment can be exploited to disclose certain data. 31) An unspecified error in the JMX component of the client deployment can be exploited to disclose certain data. 32) An unspecified error in the Libraries component of the client deployment can be exploited to manipulate certain data. 33) An unspecified error in the Libraries component of the client deployment can be exploited to manipulate certain data. 34) An unspecified error in the Networking component of the client deployment can be exploited to manipulate certain data. 35) An unspecified error in the RMI component of the client deployment can be exploited to manipulate certain data. 36) An unspecified error in the JSSE component of the server deployment can be exploited via SSL/TLS to cause a DoS. 37) An unspecified error in the Deployment component of the client deployment can be exploited to disclose certain data. 38) An unspecified error in the JSSE component of the client deployment can be exploited via SSL/TLS to disclose and manipulate certain data. The vulnerabilities are reported in the following products: * JDK and JRE 7 Update 11 and earlier. * JDK and JRE 6 Update 38 and earlier. * JDK and JRE 5.0 Update 38 and earlier. * SDK and JRE 1.4.2_40 and earlier. SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: One of the vulnerabilities is reported as a 0-day. It is currently unclear who reported the remaining vulnerabilities as the Oracle Jave SE Critical Patch Update for February 2013 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03725347 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03725347 Version: 1 HPSBUX02864 SSRT101156 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2013-04-03 Last Updated: 2013-04-03 Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.17 and earlier BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2012-1541 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3213 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3342 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0351 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-0409 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0419 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0423 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0424 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0425 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0426 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0427 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0428 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-0433 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0434 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0435 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0438 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-0440 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-0441 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0442 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0443 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0 CVE-2013-0445 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0446 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0450 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1473 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-1475 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1476 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1478 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1480 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1481 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1493 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location http://www.hp.com/java OS Version Release Version HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v6.0.18 or subsequent MANUAL ACTIONS: Yes - Update For Java v6.0 update to Java v6.0.18 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.11 HP-UX B.11.23 =========== Jdk60.JDK60-COM Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W Jre60.JRE60-COM Jre60.JRE60-COM-DOC Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.18.00 or subsequent HP-UX B.11.23 HP-UX B.11.31 =========== Jdk60.JDK60-COM Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.18.00 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 3 April 2013 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners

Trust: 3.33

sources: NVD: CVE-2012-3213 // CERT/CC: VU#858729 // ZDI: ZDI-13-011 // BID: 57717 // PACKETSTORM: 120419 // PACKETSTORM: 120739 // PACKETSTORM: 123874 // PACKETSTORM: 120036 // PACKETSTORM: 120735 // PACKETSTORM: 124943 // PACKETSTORM: 124431 // PACKETSTORM: 120009 // PACKETSTORM: 121286

AFFECTED PRODUCTS

vendor:oraclemodel:jdkscope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jdkscope:eqversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:eqversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jdkscope:eqversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jrescope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jre 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 17scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 8scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 30scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 18scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 35scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 22scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 05scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 28scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 14scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 20scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 32scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 38scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 25scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 07scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 35scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 18scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 27scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 19scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 10scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 17scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 2scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 10scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 8scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 2scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 14scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 04scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 10scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 04scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 37scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 27scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 11scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 15scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 30scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 12scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 7scope: - version: -

Trust: 0.9

vendor:sunmodel:jdkscope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.7

Trust: 0.9

vendor:sunmodel:jre 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 23scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 01scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 9scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 1.6.0 19scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 9scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 38scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 07scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 11scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 23scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 11scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 13scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 7scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 32scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 05scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 26scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 21scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 24scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 11scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 10scope:eqversion:1.6

Trust: 0.9

vendor:oraclemodel:jdkscope:eqversion:1.7

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 22scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 24scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 13scope:eqversion:1.6

Trust: 0.9

vendor:applemodel: - scope: - version: -

Trust: 0.8

vendor:oraclemodel: - scope: - version: -

Trust: 0.8

vendor:oraclemodel:java runtimescope: - version: -

Trust: 0.7

vendor:sunmodel:jdk 01-b06scope:eqversion:1.6

Trust: 0.6

vendor:sunmodel:jre 1.6.0 2scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.6.0 01scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.6.0 20scope: - version: -

Trust: 0.6

vendor:susemodel:linux enterprise software development kit sp2scope:eqversion:11

Trust: 0.6

vendor:ibmmodel:java se sr13scope:neversion:6

Trust: 0.3

vendor:avayamodel:meeting exchange web conferencing serverscope:eqversion:-6.0

Trust: 0.3

vendor:ibmmodel:java sdk sr14scope:eqversion:5

Trust: 0.3

vendor:ibmmodel:websphere mqscope:eqversion:7.5.0.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2.1

Trust: 0.3

vendor:ibmmodel:websphere mqscope:eqversion:7.1

Trust: 0.3

vendor:redhatmodel:network satellite (for rhelscope:eqversion:6)5.5

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:eqversion:3.27.0

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.1.1

Trust: 0.3

vendor:avayamodel:cms r15scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.01scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.3.1

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.00scope: - version: -

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.3

Trust: 0.3

vendor:ibmmodel:java sdk sr15scope:eqversion:5

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:4.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:11.10

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7

Trust: 0.3

vendor:sunmodel:jdk 01scope:eqversion:1.6

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.1

Trust: 0.3

vendor:ibmmodel:maximo asset management essentialsscope:eqversion:7.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.02scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r16.3scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.02scope: - version: -

Trust: 0.3

vendor:avayamodel:meeting exchange client registration serverscope:eqversion:-6.0

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:4.1

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:neversion:3.29.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.02scope: - version: -

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:1.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.14scope: - version: -

Trust: 0.3

vendor:avayamodel:call management system r16.1scope: - version: -

Trust: 0.3

vendor:ibmmodel:java se sr2scope:eqversion:7

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.1

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.3

Trust: 0.3

vendor:ibmmodel:java sdk sr4scope:eqversion:6.0.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.03scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.2.3

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.02scope: - version: -

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.6

Trust: 0.3

vendor:ibmmodel:tivoli business service managerscope:neversion:6.1.10

Trust: 0.3

vendor:redhatmodel:network satellite (for rhelscope:eqversion:5)5.5

Trust: 0.3

vendor:hpmodel:service managerscope:eqversion:7.11

Trust: 0.3

vendor:ibmmodel:java se sr5scope:neversion:6.0.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.13scope: - version: -

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:5.1

Trust: 0.3

vendor:ubuntumodel:linux amd64scope:eqversion:12.10

Trust: 0.3

vendor:susemodel:linux enterprise server sp4scope:eqversion:10

Trust: 0.3

vendor:ibmmodel:tivoli endpoint manager for remote controlscope:eqversion:8.2.1

Trust: 0.3

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.04scope: - version: -

Trust: 0.3

vendor:susemodel:linux enterprise server sp2scope:eqversion:11

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.5

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:12.10

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.0

Trust: 0.3

vendor:ibmmodel:websphere mqscope:eqversion:7.1.0.2

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:call management system r16.2scope: - version: -

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.00scope: - version: -

Trust: 0.3

vendor:ibmmodel:java sdk sr3scope:eqversion:6.0.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.00scope: - version: -

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integration physical applianscope:eqversion:6.3

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.12.00scope: - version: -

Trust: 0.3

vendor:avayamodel:irscope:eqversion:4.0

Trust: 0.3

vendor:ibmmodel:java se sr4scope:neversion:7

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.4

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.2

Trust: 0.3

vendor:ibmmodel:tivoli system automation for integrated operations managementscope:eqversion:2.1

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.01scope: - version: -

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:7.5

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:6.1.0.11

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.16scope: - version: -

Trust: 0.3

vendor:ibmmodel:java sdk sr3scope:eqversion:7

Trust: 0.3

vendor:ibmmodel:websphere operational decision managementscope:eqversion:7.5.0.0

Trust: 0.3

vendor:hpmodel:nonstop server j6.0.14.01scope: - version: -

Trust: 0.3

vendor:ibmmodel:rational host on-demandscope:eqversion:11.0.7

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.3

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.c0.41scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.2.1

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2.2

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.3

Trust: 0.3

vendor:redhatmodel:enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.0.1

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1

Trust: 0.3

vendor:susemodel:linux enterprise server sp3 ltssscope:eqversion:10

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integration live saas offeriscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.2

Trust: 0.3

vendor:ibmmodel:websphere mqscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:java sdk sr13scope:neversion:6

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:56009.7

Trust: 0.3

vendor:ibmmodel:java sdk sr1scope:eqversion:7

Trust: 0.3

vendor:mercurymodel:interactive service manager web tierscope:eqversion:9.30

Trust: 0.3

vendor:ibmmodel:java sdk sr4scope:neversion:7

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.4

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:9.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.02scope: - version: -

Trust: 0.3

vendor:ibmmodel:java sdk sr5scope:neversion:6.0.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.02scope: - version: -

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0.1

Trust: 0.3

vendor:hpmodel:service managerscope:eqversion:9.31

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.00scope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.3

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:hpmodel:nonstop server h06.24.01scope: - version: -

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.2

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.5

Trust: 0.3

vendor:hpmodel:nonstop server h06.25scope: - version: -

Trust: 0.3

vendor:ibmmodel:websphere ilog jrulesscope:eqversion:7.1.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.00scope: - version: -

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:conferencing standard editionscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:cms r17scope: - version: -

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.1

Trust: 0.3

vendor:ibmmodel:java se sr11scope:eqversion:6

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:call management system rscope:eqversion:15

Trust: 0.3

vendor:mercurymodel:interactive service manager web tierscope:eqversion:7.11

Trust: 0.3

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2

Trust: 0.3

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integrationscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli remote controlscope:eqversion:5.1.2

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integration virtual appliancscope:eqversion:6.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.00scope: - version: -

Trust: 0.3

vendor:susemodel:linux enterprise server for vmware sp2scope:eqversion:11

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.2

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.1.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.04scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura system manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:susemodel:linux enterprise server sp1 for vmware ltscope:eqversion:11

Trust: 0.3

vendor:ibmmodel:java se sr1scope:eqversion:7

Trust: 0.3

vendor:avayamodel:aura communication managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:5.2

Trust: 0.3

vendor:hpmodel:nonstop server h06.15.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.24scope: - version: -

Trust: 0.3

vendor:avayamodel:ip office server editionscope:eqversion:8.1

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.03scope: - version: -

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2

Trust: 0.3

vendor:avayamodel:call management system r16.3scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.c5.11scope: - version: -

Trust: 0.3

vendor:avayamodel:voice portal sp3scope:eqversion:5.1

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:tivoli endpoint manager for remote controlscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2.3

Trust: 0.3

vendor:hpmodel:nonstop server j06.13.01scope: - version: -

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5.1.1

Trust: 0.3

vendor:hpmodel:nonstop server h06.23scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli system automation for integrated operations managementscope:neversion:2.1.1.4

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.3

Trust: 0.3

vendor:ibmmodel:tivoli business service managerscope:eqversion:4.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.3

Trust: 0.3

vendor:avayamodel:meeting exchange streaming serverscope:eqversion:-6.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.02scope: - version: -

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.1

Trust: 0.3

vendor:avayamodel:call management system rscope:eqversion:16

Trust: 0.3

vendor:ibmmodel:java sdk sr2scope:eqversion:7

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:4.0

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.5

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.3

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:hpmodel:servicecenter web tierscope:eqversion:6.2.8

Trust: 0.3

vendor:hpmodel:nonstop server h06.22.01scope: - version: -

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.2

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:4.2

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.3

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:meeting exchange recording serverscope:eqversion:-6.0

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2.1

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.03scope: - version: -

Trust: 0.3

vendor:mercurymodel:interactive service manager web tierscope:eqversion:9.31

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:7.0.0.5

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:4.1

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.2

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2

Trust: 0.3

vendor:ibmmodel:maximo asset management essentialsscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:3.1.1

Trust: 0.3

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.2.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:3.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.15scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli business service managerscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura experience portal sp2scope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.02scope: - version: -

Trust: 0.3

vendor:ibmmodel:tivoli business service managerscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.00scope: - version: -

Trust: 0.3

vendor:avayamodel:aura presence services sp2scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura presence services sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:websphere operational decision managementscope:eqversion:8.0.1

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.1

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.4

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.02scope: - version: -

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.07.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.2

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.19.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.5

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.4

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.2

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.1.2

Trust: 0.3

vendor:ubuntumodel:linux i386scope:eqversion:11.10

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.11.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.26.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:susemodel:linux enterprise server sp1 ltssscope:eqversion:11

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.1

Trust: 0.3

vendor:avayamodel:messaging application serverscope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:susemodel:linux enterprise java sp2scope:eqversion:11

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.2

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.01scope: - version: -

Trust: 0.3

vendor:ibmmodel:websphere cast iron cloud integration studioscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura conferencing sp1 standardscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.3

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.2

Trust: 0.3

vendor:hpmodel:nonstop server j06.04.00scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.0.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.21.00scope: - version: -

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53003.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.06.03scope: - version: -

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.4

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.01scope: - version: -

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.1

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.1

Trust: 0.3

vendor:avayamodel:aura experience portal sp1scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.5

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:cms r16scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system manager sp3scope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.2

Trust: 0.3

vendor:sunmodel:jdk 1.6.0 01-b06scope: - version: -

Trust: 0.3

vendor:avayamodel:aura conferencingscope:eqversion:7.0

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:conferencing standard editionscope:neversion:7.0

Trust: 0.3

vendor:avayamodel:meeting exchange webportalscope:eqversion:-6.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.00scope: - version: -

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:8.0.0.2

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.03scope: - version: -

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:5.1

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2

Trust: 0.3

vendor:hpmodel:nonstop server h06.16.02scope: - version: -

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:5.2.4

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1.0.9.8

Trust: 0.3

vendor:ibmmodel:tivoli business service managerscope:eqversion:6.1

Trust: 0.3

vendor:hpmodel:nonstop server j06.05.00scope: - version: -

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7

Trust: 0.3

vendor:susemodel:linux enterprise java sp4scope:eqversion:10

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:4.1

Trust: 0.3

vendor:ibmmodel:rational host on-demandscope:eqversion:11.0

Trust: 0.3

vendor:ibmmodel:java se sr12scope:eqversion:6

Trust: 0.3

vendor:hpmodel:nonstop server h06.20.02scope: - version: -

Trust: 0.3

vendor:hpmodel:service manager p2scope:neversion:9.31.2004

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:websphere mqscope:eqversion:7.11

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:3.0

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.09.02scope: - version: -

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:4.0.1

Trust: 0.3

vendor:ibmmodel:tivoli netcool/omnibusscope:eqversion:7.4

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.02scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server j06.08.03scope: - version: -

Trust: 0.3

vendor:avayamodel:iqscope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:aura conferencing standardscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:nonstop server j06.10.01scope: - version: -

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:hpmodel:nonstop server h06.25.01scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.18.01scope: - version: -

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.1

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.5

Trust: 0.3

vendor:hpmodel:nonstop server h06.27scope: - version: -

Trust: 0.3

vendor:hpmodel:nonstop server h06.17.00scope: - version: -

Trust: 0.3

vendor:hpmodel:service managerscope:eqversion:9.30

Trust: 0.3

vendor:hpmodel:nonstop server j06.14.02scope: - version: -

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.0

Trust: 0.3

sources: CERT/CC: VU#858729 // ZDI: ZDI-13-011 // BID: 57717 // NVD: CVE-2012-3213

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-3213
value: HIGH

Trust: 1.0

ZDI: CVE-2012-3213
value: HIGH

Trust: 0.7

nvd@nist.gov: CVE-2012-3213
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

ZDI: CVE-2012-3213
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

sources: ZDI: ZDI-13-011 // NVD: CVE-2012-3213

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-3213

THREAT TYPE

network

Trust: 0.3

sources: BID: 57717

TYPE

Unknown

Trust: 0.3

sources: BID: 57717

PATCH

title:Oracle has issued an update to correct this vulnerability.url:http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

Trust: 0.7

sources: ZDI: ZDI-13-011

EXTERNAL IDS

db:NVDid:CVE-2012-3213

Trust: 2.8

db:CERT/CCid:VU#858729

Trust: 2.1

db:BIDid:57717

Trust: 1.3

db:ZDIid:ZDI-13-011

Trust: 1.0

db:USCERTid:TA13-032A

Trust: 1.0

db:ZDI_CANid:ZDI-CAN-1587

Trust: 0.7

db:ICS CERTid:ICSA-17-213-02

Trust: 0.3

db:PACKETSTORMid:120419

Trust: 0.1

db:PACKETSTORMid:120739

Trust: 0.1

db:PACKETSTORMid:123874

Trust: 0.1

db:PACKETSTORMid:120036

Trust: 0.1

db:PACKETSTORMid:120735

Trust: 0.1

db:PACKETSTORMid:124943

Trust: 0.1

db:PACKETSTORMid:124431

Trust: 0.1

db:SECUNIAid:52064

Trust: 0.1

db:PACKETSTORMid:120009

Trust: 0.1

db:PACKETSTORMid:121286

Trust: 0.1

sources: CERT/CC: VU#858729 // ZDI: ZDI-13-011 // BID: 57717 // PACKETSTORM: 120419 // PACKETSTORM: 120739 // PACKETSTORM: 123874 // PACKETSTORM: 120036 // PACKETSTORM: 120735 // PACKETSTORM: 124943 // PACKETSTORM: 124431 // PACKETSTORM: 120009 // PACKETSTORM: 121286 // NVD: CVE-2012-3213

REFERENCES

url:http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

Trust: 2.9

url:http://www.kb.cert.org/vuls/id/858729

Trust: 1.3

url:http://marc.info/?l=bugtraq&m=136439120408139&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=136570436423916&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=136733161405818&w=2

Trust: 1.0

url:http://rhn.redhat.com/errata/rhsa-2013-0236.html

Trust: 1.0

url:http://rhn.redhat.com/errata/rhsa-2013-0237.html

Trust: 1.0

url:http://rhn.redhat.com/errata/rhsa-2013-1455.html

Trust: 1.0

url:http://rhn.redhat.com/errata/rhsa-2013-1456.html

Trust: 1.0

url:http://www.securityfocus.com/bid/57717

Trust: 1.0

url:http://www.us-cert.gov/cas/techalerts/ta13-032a.html

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16512

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19119

Trust: 1.0

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19464

Trust: 1.0

url:http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html

Trust: 0.9

url:http://taosecurity.blogspot.com/2012/11/do-devs-care-about-java-insecurity.html?showcomment=1353874245992#c4794680666510382012

Trust: 0.8

url:http://codeascraft.etsy.com/2013/03/18/java-not-even-once/

Trust: 0.8

url:http://blogs.technet.com/b/srd/archive/2013/05/29/java-when-you-cannot-let-go.aspx

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2012-3342

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0428

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0351

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0433

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0435

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0409

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0419

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0438

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-3213

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0434

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0432

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0426

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0440

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0427

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0423

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0425

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-0424

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2012-1541

Trust: 0.6

url:http://www.ibm.com/developerworks/java/jdk/alerts/

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2013-0429

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2013-0442

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2013-0446

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2013-0441

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2013-0443

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2013-0445

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2013-0450

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2013-1473

Trust: 0.4

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03748879

Trust: 0.3

url:http://www.oracle.com/technetwork/java/index.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21644918

Trust: 0.3

url:http://www.xerox.com/download/security/security-bulletin/1683f-4d960e4b16bb2/cert_xrx13-004_v1.01.pdf

Trust: 0.3

url:http://www.zerodayinitiative.com/advisories/zdi-13-011/

Trust: 0.3

url:http://support.apple.com/kb/ht5666

Trust: 0.3

url:https://ics-cert.us-cert.gov/advisories/icsa-17-213-02

Trust: 0.3

url:http://prod.lists.apple.com/archives/security-announce/2013/feb/msg00000.html

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100171276

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21650623

Trust: 0.3

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03748879

Trust: 0.3

url:http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1&ac.admitted=1378134276525.876444892.492883150

Trust: 0.3

url: -

Trust: 0.3

url:http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?javax.portlet.endcachetok=com.vignette.cachetoken&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalsta

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643544

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24034507

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21634069

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21635160

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?uid=swg21650822

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100169783

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21633170

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21635864

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?uid=swg21643697

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21642358

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?uid=swg21628927

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21628250

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643618

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21643513

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24033920

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24033922

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24031555

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24034621

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21633669

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2013-1475

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2013-1478

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2013-1476

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2013-0437

Trust: 0.3

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2013-0431

Trust: 0.3

url:http://support.apple.com/kb/ht1222

Trust: 0.2

url:http://www.apple.com/support/downloads/

Trust: 0.2

url:https://www.apple.com/support/security/pgp/

Trust: 0.2

url:http://www.o

Trust: 0.2

url:http://gpgtools.org

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0440.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-3213.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0427.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-1476.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0433.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-1493.html

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0445.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0432.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0446.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0428.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-1480.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-3342.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0425.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0442.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0450.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0419.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0424.html

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0409.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2012-1541.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-1473.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-1486.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0423.html

Trust: 0.2

url:https://access.redhat.com/knowledge/articles/11258

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2013-0809

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0443.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0438.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-1478.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0435.html

Trust: 0.2

url:https://access.redhat.com/security/team/key/#package

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0434.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0809.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-1487.html

Trust: 0.2

url:http://bugzilla.redhat.com/):

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0351.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0441.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-0426.html

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/lid/hpsm_00486

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00424

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/lid/hpsm_00488

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2013-0169

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2013-0436

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00422

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/lid/hpsm_00489

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/lid/hpsm_00484

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00426

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/lid/hpsm_00482

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00420

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2013-0430

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/lid/hpsm_00483

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-4301

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-1543

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00421

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-4305

Trust: 0.2

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.2

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/lid/hpsm_00487

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2013-0439

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00425

Trust: 0.2

url:http://support.openview.hp.com/selfsolve/document/lid/hpsm_00485

Trust: 0.2

url:http://www.oracle.com/technetwork/java/javase/

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1481.html

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2013-0625.html

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00423

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00419

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0431.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0437.html

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2013-0626.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0444.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-0422

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-0444

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0422.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1484.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2012-3174.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-1485.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-3174

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-0449.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0503

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0501

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1719

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1533

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-201401-30.xml

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0547

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0499

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1532

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0504

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1723

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0507

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-5035

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1717

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0500

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1722

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0502

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1716

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1718

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0497

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1531

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3563

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1711

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1713

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1682

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0498

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1721

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0505

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0506

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_0041

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/lid/hpsc_00282

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/lid/hpsc_00280

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/lid/hpsc_00284

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/lid/hpsc_00283

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/lid/hpsc_00286

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/lid/hpsc_00281

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/lid/hpsc_00285

Trust: 0.1

url:http://support.openview.hp.com/selfsolve/document/lid/hpsc_00279

Trust: 0.1

url:http://secunia.com/advisories/52064/#comments

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=52064

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/52064/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/blog/325/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

url:http://www.hp.com/java

Trust: 0.1

url:http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.1

url:https://www.hp.com/go/swa

Trust: 0.1

url:https://h20566.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.1

sources: CERT/CC: VU#858729 // ZDI: ZDI-13-011 // BID: 57717 // PACKETSTORM: 120419 // PACKETSTORM: 120739 // PACKETSTORM: 123874 // PACKETSTORM: 120036 // PACKETSTORM: 120735 // PACKETSTORM: 124943 // PACKETSTORM: 124431 // PACKETSTORM: 120009 // PACKETSTORM: 121286 // NVD: CVE-2012-3213

CREDITS

James Forshaw (tyranid)

Trust: 0.7

sources: ZDI: ZDI-13-011

SOURCES

db:CERT/CCid:VU#858729
db:ZDIid:ZDI-13-011
db:BIDid:57717
db:PACKETSTORMid:120419
db:PACKETSTORMid:120739
db:PACKETSTORMid:123874
db:PACKETSTORMid:120036
db:PACKETSTORMid:120735
db:PACKETSTORMid:124943
db:PACKETSTORMid:124431
db:PACKETSTORMid:120009
db:PACKETSTORMid:121286
db:NVDid:CVE-2012-3213

LAST UPDATE DATE

2024-11-21T19:25:44.690000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#858729date:2013-06-14T00:00:00
db:ZDIid:ZDI-13-011date:2013-02-11T00:00:00
db:BIDid:57717date:2017-08-03T11:09:00
db:NVDid:CVE-2012-3213date:2022-05-13T14:52:52.767

SOURCES RELEASE DATE

db:CERT/CCid:VU#858729date:2013-02-01T00:00:00
db:ZDIid:ZDI-13-011date:2013-02-11T00:00:00
db:BIDid:57717date:2013-02-01T00:00:00
db:PACKETSTORMid:120419date:2013-02-20T19:22:22
db:PACKETSTORMid:120739date:2013-03-11T22:52:28
db:PACKETSTORMid:123874date:2013-11-01T13:37:00
db:PACKETSTORMid:120036date:2013-02-02T19:22:22
db:PACKETSTORMid:120735date:2013-03-11T22:51:48
db:PACKETSTORMid:124943date:2014-01-27T18:30:13
db:PACKETSTORMid:124431date:2013-12-14T11:11:00
db:PACKETSTORMid:120009date:2013-02-04T10:48:27
db:PACKETSTORMid:121286date:2013-04-12T00:36:44
db:NVDid:CVE-2012-3213date:2013-02-02T00:55:01.177