CVE-2012-5067MEDIUM
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
References
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
http://rhn.redhat.com/errata/RHSA-2012-1391.html
http://rhn.redhat.com/errata/RHSA-2012-1467.html
http://secunia.com/advisories/51326
http://secunia.com/advisories/51390
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
http://www.securityfocus.com/bid/56070
https://exchange.xforce.ibmcloud.com/vulnerabilities/79429
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16055
Details
Source: MITRE
Published: 2012-10-16
Updated: 2017-09-19
Type: NVD-CWE-noinfo
Risk Information
CVSS v2.0
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:*:update7:*:*:*:*:*:* versions up to 1.7.0 (inclusive)
cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:*:update7:*:*:*:*:*:* versions up to 1.7.0 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 89663 | VMware ESX / ESXi NFC and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0003) (remote check) | Nessus | Misc. | critical |
| 83567 | SUSE SLES11 Security Update : IBM Java 1.7.0 (SUSE-SU-2012:1489-2) | Nessus | SuSE Local Security Checks | critical |
| 72139 | GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT) | Nessus | Gentoo Local Security Checks | critical |
| 64849 | Oracle Java SE Multiple Vulnerabilities (October 2012 CPU) (Unix) | Nessus | Misc. | critical |
| 64171 | SuSE 11.2 Security Update : IBM Java 1.7.0 (SAT Patch Number 7046) | Nessus | SuSE Local Security Checks | critical |
| 64169 | SuSE 11.2 Security Update : OpenJDK (SAT Patch Number 6987) | Nessus | SuSE Local Security Checks | critical |
| 62932 | RHEL 6 : java-1.7.0-ibm (RHSA-2012:1467) (ROBOT) | Nessus | Red Hat Local Security Checks | critical |
| 62709 | Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS / 12.10 : openjdk-6, openjdk-7 vulnerabilities (USN-1619-1) (ROBOT) | Nessus | Ubuntu Local Security Checks | critical |
| 62635 | RHEL 6 : java-1.7.0-oracle (RHSA-2012:1391) | Nessus | Red Hat Local Security Checks | critical |
| 62593 | Oracle Java SE Multiple Vulnerabilities (October 2012 CPU) | Nessus | Windows | critical |