CVE-2012-1713

HIGH

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

References

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html

http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html

http://marc.info/?l=bugtraq&m=134496371727681&w=2

http://rhn.redhat.com/errata/RHSA-2012-0734.html

http://rhn.redhat.com/errata/RHSA-2012-1243.html

http://rhn.redhat.com/errata/RHSA-2013-1455.html

http://rhn.redhat.com/errata/RHSA-2013-1456.html

http://secunia.com/advisories/50659

http://secunia.com/advisories/51080

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://www.ibm.com/support/docview.wss?uid=swg21615246

http://www.mandriva.com/security/advisories?name=MDVSA-2012:095

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html

http://www.securityfocus.com/bid/53946

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16502

Details

Source: MITRE

Published: 2012-06-16

Updated: 2018-01-18

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:jdk:*:update4:*:*:*:*:*:* versions up to 1.7.0 (inclusive)

cpe:2.3:a:oracle:jre:*:update4:*:*:*:*:*:* versions up to 1.7.0 (inclusive)

Configuration 2

OR

cpe:2.3:a:oracle:jdk:*:update_32:*:*:*:*:*:* versions up to 1.6.0 (inclusive)

cpe:2.3:a:oracle:jre:*:update_32:*:*:*:*:*:* versions up to 1.6.0 (inclusive)

Configuration 3

OR

cpe:2.3:a:sun:jdk:*:update35:*:*:*:*:*:* versions up to 1.5.0 (inclusive)

cpe:2.3:a:sun:jre:*:update35:*:*:*:*:*:* versions up to 1.5.0 (inclusive)

Configuration 4

OR

cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:* versions up to 1.4.2_37 (inclusive)

cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:* versions up to 1.4.2_37 (inclusive)

Configuration 5

OR

cpe:2.3:a:oracle:javafx:*:*:*:*:*:*:*:* versions up to 2.1 (inclusive)

Tenable Plugins

View all (42 total)

IDNameProductFamilySeverity
78976RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1456) (ROBOT)NessusRed Hat Local Security Checks
critical
78975RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1455) (BEAST) (ROBOT)NessusRed Hat Local Security Checks
critical
78936RHEL 5 / 6 : java-1.4.2-ibm-sap (RHSA-2012:1332)NessusRed Hat Local Security Checks
critical
76303GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)NessusGentoo Local Security Checks
critical
74670openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2012:0828-1)NessusSuSE Local Security Checks
critical
72139GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT)NessusGentoo Local Security Checks
critical
69695Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2012-88)NessusAmazon Linux Local Security Checks
critical
68566Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2012-1009)NessusOracle Linux Local Security Checks
critical
68542Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2012-0730)NessusOracle Linux Local Security Checks
critical
68541Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2012-0729)NessusOracle Linux Local Security Checks
critical
66909VMware vCenter Update Manager Multiple Vulnerabilities (VMSA-2012-0013)NessusWindows
critical
66806VMware vCenter Multiple Vulnerabilities (VMSA-2012-0013)NessusMisc.
critical
64848Oracle Java SE Multiple Vulnerabilities (June 2012 CPU) (Unix)NessusMisc.
critical
64170SuSE 11.2 Security Update : IBM Java (SAT Patch Number 6839)NessusSuSE Local Security Checks
critical
64167SuSE 11.1 Security Update : java-1_6_0-openjdk (SAT Patch Number 6437)NessusSuSE Local Security Checks
critical
64165SuSE 11.2 Security Update : IBM Java (SAT Patch Number 6793)NessusSuSE Local Security Checks
critical
64162SuSE 11.2 Security Update : IBM Java (SAT Patch Number 6791)NessusSuSE Local Security Checks
critical
64056RHEL 5 : java-1.4.2-ibm (RHSA-2012:1243)NessusRed Hat Local Security Checks
critical
62381SuSE 10 Security Update : IBM Java (ZYPP Patch Number 8284)NessusSuSE Local Security Checks
critical
62196RHEL 6 : java-1.7.0-ibm (RHSA-2012:1289)NessusRed Hat Local Security Checks
critical
62177SuSE 10 Security Update : IBM Java (ZYPP Patch Number 8283)NessusSuSE Local Security Checks
critical
62116SuSE 10 Security Update : IBM Java (ZYPP Patch Number 8281)NessusSuSE Local Security Checks
critical
62024RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2012:1245)NessusRed Hat Local Security Checks
critical
62001RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2012:1238)NessusRed Hat Local Security Checks
critical
61729Ubuntu 11.04 / 11.10 : icedtea-web regression (USN-1505-2)NessusUbuntu Local Security Checks
critical
61330Scientific Linux Security Update : java-1.6.0-sun on SL5.x i386/x86_64 (20120613)NessusScientific Linux Local Security Checks
critical
61329Scientific Linux Security Update : java-1.6.0-openjdk on SL6.x i386/x86_64 (20120613)NessusScientific Linux Local Security Checks
critical
61328Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 (20120613)NessusScientific Linux Local Security Checks
critical
59964Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : icedtea-web, openjdk-6 vulnerabilities (USN-1505-1)NessusUbuntu Local Security Checks
critical
59937CentOS 6 : java-1.7.0-openjdk (CESA-2012:1009)NessusCentOS Local Security Checks
critical
59839Debian DSA-2507-1 : openjdk-6 - several vulnerabilitiesNessusDebian Local Security Checks
critical
59638RHEL 6 : java-1.7.0-oracle (RHSA-2012:1019)NessusRed Hat Local Security Checks
critical
59637RHEL 6 : java-1.7.0-openjdk (RHSA-2012:1009)NessusRed Hat Local Security Checks
critical
59561Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2012:095)NessusMandriva Local Security Checks
critical
59492RHEL 5 / 6 : java-1.6.0-sun (RHSA-2012:0734)NessusRed Hat Local Security Checks
critical
59490RHEL 5 : java-1.6.0-openjdk (RHSA-2012:0730)NessusRed Hat Local Security Checks
critical
59489RHEL 6 : java-1.6.0-openjdk (RHSA-2012:0729)NessusRed Hat Local Security Checks
critical
59481CentOS 5 : java-1.6.0-openjdk (CESA-2012:0730)NessusCentOS Local Security Checks
critical
59480CentOS 6 : java-1.6.0-openjdk (CESA-2012:0729)NessusCentOS Local Security Checks
critical
59464Mac OS X : Java for OS X 2012-004NessusMacOS X Local Security Checks
critical
59463Mac OS X : Java for Mac OS X 10.6 Update 9NessusMacOS X Local Security Checks
critical
59462Oracle Java SE Multiple Vulnerabilities (June 2012 CPU)NessusWindows
critical