CVE-2012-1711HIGH
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to CORBA.
References
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html
http://marc.info/?l=bugtraq&m=134496371727681&w=2
http://rhn.redhat.com/errata/RHSA-2012-0734.html
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2012:095
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
http://www.securityfocus.com/bid/53949
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15996
Details
Source: MITRE
Published: 2012-06-16
Updated: 2018-01-18
Type: NVD-CWE-noinfo
Risk Information
CVSS v2.0
Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 10
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:oracle:jdk:*:update4:*:*:*:*:*:* versions up to 1.7.0 (inclusive)
cpe:2.3:a:oracle:jre:*:update4:*:*:*:*:*:* versions up to 1.7.0 (inclusive)
Configuration 2
OR
cpe:2.3:a:oracle:jdk:*:update_32:*:*:*:*:*:* versions up to 1.6.0 (inclusive)
cpe:2.3:a:oracle:jre:*:update_32:*:*:*:*:*:* versions up to 1.6.0 (inclusive)
Configuration 3
OR
cpe:2.3:a:sun:jdk:*:update35:*:*:*:*:*:* versions up to 1.5.0 (inclusive)
cpe:2.3:a:sun:jre:*:update35:*:*:*:*:*:* versions up to 1.5.0 (inclusive)
Configuration 4
OR
cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:* versions up to 1.4.2_37 (inclusive)
cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:* versions up to 1.4.2_37 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 76303 | GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT) | Nessus | Gentoo Local Security Checks | critical |
| 74670 | openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2012:0828-1) | Nessus | SuSE Local Security Checks | critical |
| 72139 | GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT) | Nessus | Gentoo Local Security Checks | critical |
| 69695 | Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2012-88) | Nessus | Amazon Linux Local Security Checks | critical |
| 68566 | Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2012-1009) | Nessus | Oracle Linux Local Security Checks | critical |
| 68542 | Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2012-0730) | Nessus | Oracle Linux Local Security Checks | critical |
| 68541 | Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2012-0729) | Nessus | Oracle Linux Local Security Checks | critical |
| 66909 | VMware vCenter Update Manager Multiple Vulnerabilities (VMSA-2012-0013) | Nessus | Windows | critical |
| 66806 | VMware vCenter Multiple Vulnerabilities (VMSA-2012-0013) | Nessus | Misc. | critical |
| 64848 | Oracle Java SE Multiple Vulnerabilities (June 2012 CPU) (Unix) | Nessus | Misc. | critical |
| 64167 | SuSE 11.1 Security Update : java-1_6_0-openjdk (SAT Patch Number 6437) | Nessus | SuSE Local Security Checks | critical |
| 61729 | Ubuntu 11.04 / 11.10 : icedtea-web regression (USN-1505-2) | Nessus | Ubuntu Local Security Checks | critical |
| 61330 | Scientific Linux Security Update : java-1.6.0-sun on SL5.x i386/x86_64 (20120613) | Nessus | Scientific Linux Local Security Checks | critical |
| 61329 | Scientific Linux Security Update : java-1.6.0-openjdk on SL6.x i386/x86_64 (20120613) | Nessus | Scientific Linux Local Security Checks | critical |
| 61328 | Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 (20120613) | Nessus | Scientific Linux Local Security Checks | critical |
| 59964 | Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : icedtea-web, openjdk-6 vulnerabilities (USN-1505-1) | Nessus | Ubuntu Local Security Checks | critical |
| 59937 | CentOS 6 : java-1.7.0-openjdk (CESA-2012:1009) | Nessus | CentOS Local Security Checks | critical |
| 59839 | Debian DSA-2507-1 : openjdk-6 - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
| 59638 | RHEL 6 : java-1.7.0-oracle (RHSA-2012:1019) | Nessus | Red Hat Local Security Checks | critical |
| 59637 | RHEL 6 : java-1.7.0-openjdk (RHSA-2012:1009) | Nessus | Red Hat Local Security Checks | critical |
| 59561 | Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2012:095) | Nessus | Mandriva Local Security Checks | critical |
| 59492 | RHEL 5 / 6 : java-1.6.0-sun (RHSA-2012:0734) | Nessus | Red Hat Local Security Checks | critical |
| 59490 | RHEL 5 : java-1.6.0-openjdk (RHSA-2012:0730) | Nessus | Red Hat Local Security Checks | critical |
| 59489 | RHEL 6 : java-1.6.0-openjdk (RHSA-2012:0729) | Nessus | Red Hat Local Security Checks | critical |
| 59481 | CentOS 5 : java-1.6.0-openjdk (CESA-2012:0730) | Nessus | CentOS Local Security Checks | critical |
| 59480 | CentOS 6 : java-1.6.0-openjdk (CESA-2012:0729) | Nessus | CentOS Local Security Checks | critical |
| 59464 | Mac OS X : Java for OS X 2012-004 | Nessus | MacOS X Local Security Checks | critical |
| 59463 | Mac OS X : Java for Mac OS X 10.6 Update 9 | Nessus | MacOS X Local Security Checks | critical |
| 59462 | Oracle Java SE Multiple Vulnerabilities (June 2012 CPU) | Nessus | Windows | critical |