Action not permitted
Modal body text goes here.
CVE-2012-4681
Vulnerability from cvelistv5
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-03-03
Due date: 2022-03-24
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2012-4681
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T20:42:55.009Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html" }, { "name": "SUSE-SU-2012:1398", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" }, { "name": "SUSE-SU-2012:1231", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html" }, { "name": "TA12-240A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-240A.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/" }, { "name": "SSRT100970", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "name": "RHSA-2012:1225", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1225.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html" }, { "name": "51044", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51044" }, { "name": "HPSBUX02824", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "name": "55213", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/55213" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-08-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-04T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html" }, { "name": "SUSE-SU-2012:1398", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" }, { "name": "SUSE-SU-2012:1231", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html" }, { "name": "TA12-240A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-240A.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/" }, { "name": "SSRT100970", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "name": "RHSA-2012:1225", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1225.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html" }, { "name": "51044", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51044" }, { "name": "HPSBUX02824", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "name": "55213", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/55213" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4681", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html", "refsource": "MISC", "url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html" }, { "name": "SUSE-SU-2012:1398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" }, { "name": "SUSE-SU-2012:1231", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html" }, { "name": "TA12-240A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA12-240A.html" }, { "name": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/", "refsource": "MISC", "url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/" }, { "name": "SSRT100970", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "name": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day", "refsource": "MISC", "url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day" }, { "name": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html", "refsource": "MISC", "url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "name": "RHSA-2012:1225", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2012-1225.html" }, { "name": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html", "refsource": "MISC", "url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html" }, { "name": "51044", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51044" }, { "name": "HPSBUX02824", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "name": "55213", "refsource": "BID", "url": "http://www.securityfocus.com/bid/55213" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-4681", "datePublished": "2012-08-28T00:00:00", "dateReserved": "2012-08-27T00:00:00", "dateUpdated": "2024-08-06T20:42:55.009Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "cisa_known_exploited": { "cveID": "CVE-2012-4681", "dateAdded": "2022-03-03", "dueDate": "2022-03-24", "knownRansomwareCampaignUse": "Unknown", "notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-4681", "product": "Java SE", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.", "vendorProject": "Oracle", "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability" }, "nvd": "{\"cve\":{\"id\":\"CVE-2012-4681\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2012-08-28T00:55:01.860\",\"lastModified\":\"2022-12-21T15:28:09.200\",\"vulnStatus\":\"Analyzed\",\"cisaExploitAdd\":\"2022-03-03\",\"cisaActionDue\":\"2022-03-24\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \\\"reflection with a trusted immediate caller\\\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.\"},{\"lang\":\"es\",\"value\":\"Oracle Java 7 Update 6, y posiblemente otras versiones, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un applet manipulado, explotado como en la naturaleza, en agosto de 2012 utilizando Gondzz.class y Gondvv.class.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":10.0},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A420DA5-1346-446B-8D23-E1E6DDBE527E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8CA8719-7ABE-4279-B49E-C414794A4FE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC92B7EC-849F-4255-9D55-43681B8DADC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ABC1045-7D3D-4A14-B994-7E60A4BB4C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F3C1E65-929A-4468-8584-F086E6E59839\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"42C95C1D-0C2E-4733-AB1B-65650D88995D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*\",\"matchCriteriaId\":\"47A9F499-D1E3-41BD-AC18-E8D3D3231C12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update15:*:*:*:*:*:*\",\"matchCriteriaId\":\"D45B0D7E-BA0F-4AAA-A7BA-2ADA4CC90D94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update16:*:*:*:*:*:*\",\"matchCriteriaId\":\"D58A3E4F-2409-440A-891E-0B84D79AB480\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update17:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FC2226B-CFEF-48A4-83EA-1F59F4AF7528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update18:*:*:*:*:*:*\",\"matchCriteriaId\":\"F29DC78F-4D02-47B4-A955-32080B22356C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update19:*:*:*:*:*:*\",\"matchCriteriaId\":\"81A4204E-6F50-45FB-A343-7A30C0CD6D3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6E07069-D6EE-4D44-94A6-CDCA4A50E6F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update20:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B151882-47C0-400E-BBAB-A949E6140C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update21:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DB4F19E-DFC4-42F4-87B9-32FB1C496649\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*\",\"matchCriteriaId\":\"301E96A3-AD2F-48F3-9166-571BD6F9FAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C9215D9-DB64-4CEE-85E6-E247035EFB09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*\",\"matchCriteriaId\":\"352509FE-54D9-4A59-98B7-96E5E98BC2CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3EC13D3-4CE7-459C-A7D7-7D38C1284720\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CDCD1B4-C5F3-4188-B05F-23922F7DE517\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*\",\"matchCriteriaId\":\"1824DA2D-26D5-4595-8376-8E41AB8C5E52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*\",\"matchCriteriaId\":\"B72F78B7-10D1-49CF-AC4D-3B10921CB633\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"344FA3EA-9E25-493C-976A-211D1404B251\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*\",\"matchCriteriaId\":\"60D05860-9424-4727-B583-74A35BC9BDFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*\",\"matchCriteriaId\":\"F85DB431-FEA4-42E7-AC29-6B66174DCD9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB7E911C-C780-440A-ABFF-CCE09061BB4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*\",\"matchCriteriaId\":\"0381EE39-2F60-49FD-A63A-B9E81C9033CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AD75455-B7F0-4F42-98E7-CAA43787D606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D081A380-5AA4-4451-94A9-7B65810106E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"112E7575-A3A0-4A94-AD39-7B2325B150B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"708E8CEF-82EE-4D4B-ABF9-87AA4878F517\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5D9D9A7-8819-44A4-80AC-52D6B63A0C9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update8:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEB2C8A3-E0DC-46A3-BD82-8E45DA55ED0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"64B5B16D-061A-438D-A8CF-9E63D6C748D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACABC935-5DD6-4F85-992E-70AD517EF41D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6152036D-6421-4AE4-9223-766FE07B5A44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D375CECB-405C-4E18-A7E8-9C5A2F97BD69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"52EEEA5A-E77C-43CF-A063-9D5C64EA1870\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"003746F6-DEF0-4D0F-AD97-9E335868E301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF830E0E-0169-4B6A-81FF-2E9FCD7D913B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BAE3670-0938-480A-8472-DFF0B3A0D0BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB864346-1429-46B5-A91E-A1126C486421\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F199B346-B95E-4DCA-B750-148A36D559BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"D16229B8-1642-4C10-8650-A9CEA9D4C98C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"1714BDEF-6B0E-42BB-9510-3F9B52E170BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update12:*:*:*:*:*:*\",\"matchCriteriaId\":\"830A3A51-F17A-4C61-8F5C-6A4582A64DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DE0E496-719D-4CEF-837F-B060A898099F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update14:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B02F361-0C64-4CB8-8DAD-A63F1A9CC025\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update15:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD4CC3E2-7BEA-4D8C-811C-C5012327A9AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update16:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F63A8AC-893D-4D75-B467-85E70B62541D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update17:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7823AE6-CB18-47DE-8A4F-1F98394B7237\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update18:*:*:*:*:*:*\",\"matchCriteriaId\":\"381EFA43-DB73-48EA-A4B1-F451EF60D845\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update19:*:*:*:*:*:*\",\"matchCriteriaId\":\"77C54E00-0197-4C87-9BFF-01A099AC3006\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"64AD6007-EB92-4D0E-A0CB-8FFDDB61AA6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update20:*:*:*:*:*:*\",\"matchCriteriaId\":\"7415177F-A2FE-47AB-8D92-194A4F6D75C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update21:*:*:*:*:*:*\",\"matchCriteriaId\":\"52FA600C-08B6-4143-9C72-DB31E489DE3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF13B96D-1F80-4672-8DA3-F86F6D3BF070\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1A2D440-D966-41A6-955D-38B28DDE0FDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1C57774-AD93-4162-8E45-92B09139C808\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD7C4194-D34A-418F-9B00-5C6012844AAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0B82FB1-0F0E-44F9-87AE-628517279E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2752B83A-6DD2-4829-9E4F-42CDDCBC38C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D60D98D-4363-44A0-AAB4-B61BA623EE21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*\",\"matchCriteriaId\":\"23CDA4F0-C32B-4B08-A377-7D4426C2F569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E76476E-4120-46A9-90A8-A95FE89636CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A84689-0CED-404F-8DC3-708BEB37D2CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*\",\"matchCriteriaId\":\"738EC3E5-A4EB-47FE-9C9A-7C8E8C669765\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"964CCFD6-316A-48C6-9A6B-7CFD1A1FB027\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC8771D7-9531-4A1D-B2DE-FAA7A7549801\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C59C275-5964-4E5D-BE80-BA4EA34BEA62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"47C1922B-37E8-4009-97C7-B243F6F96704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B3A8681-3EAC-4D02-811A-5FCCCC7B5635\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFAA351A-93CD-46A8-A480-CE2783CCD620\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4B153FD-E20B-4909-8B10-884E48F5B590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5831D70B-3854-4CB8-B88D-40F1743DAEE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA302DF3-ABBB-4262-B206-4C0F7B5B1E91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8382A145-CDD9-437E-9DE7-A349956778B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]}],\"references\":[{\"url\":\"http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1225.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/51044\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/55213\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA12-240A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhsa-2012_1225
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.7.0-oracle packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "The Oracle Java 7 release includes the Oracle Java 7 Runtime Environment\nand the Oracle Java 7 Software Development Kit.\n\nThis update fixes several vulnerabilities in the Oracle Java 7 Runtime\nEnvironment and the Oracle Java 7 Software Development Kit. Further\ninformation about these flaws can be found on the Oracle Java SE Security\nAlert page, listed in the References section. (CVE-2012-4681,\nCVE-2012-1682, CVE-2012-3136, CVE-2012-0547)\n\nRed Hat is aware that a public exploit for CVE-2012-4681 is available that\nexecutes code without user interaction when a user visits a malicious web\npage using a browser with the Oracle Java 7 web browser plug-in enabled.\n\nAll users of java-1.7.0-oracle are advised to upgrade to these updated\npackages, which provide Oracle Java 7 Update 7 and resolve these issues.\nAll running instances of Oracle Java must be restarted for the update to\ntake effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2012:1225", "url": "https://access.redhat.com/errata/RHSA-2012:1225" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "category": "external", "summary": "852051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=852051" }, { "category": "external", "summary": "853097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853097" }, { "category": "external", "summary": "853138", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853138" }, { "category": "external", "summary": "853228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853228" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1225.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-oracle security update", "tracking": { "current_release_date": "2024-11-05T17:50:29+00:00", "generator": { "date": "2024-11-05T17:50:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2012:1225", "initial_release_date": "2012-09-04T07:04:00+00:00", "revision_history": [ { "date": "2012-09-04T07:04:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2012-09-04T07:04:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:50:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.7-1jpp.5.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product_id": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.7-1jpp.5.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product_id": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.7-1jpp.5.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.7-1jpp.5.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.7-1jpp.5.el6_3?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.7-1jpp.5.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "product_id": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.7-1jpp.5.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "product": { "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "product_id": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.7-1jpp.5.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.7-1jpp.5.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.7-1jpp.5.el6_3?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-0547", "discovery_date": "2012-08-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "853228" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and \"a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited.\" NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to \"toolkit internals references.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: AWT hardening fixes (AWT, 7163201)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-0547" }, { "category": "external", "summary": "RHBZ#853228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853228" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-0547", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0547" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0547", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0547" } ], "release_date": "2012-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-04T07:04:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1225" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 0.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: AWT hardening fixes (AWT, 7163201)" }, { "cve": "CVE-2012-1682", "discovery_date": "2012-08-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "853097" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to \"XMLDecoder security issue via ClassFinder.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1682" }, { "category": "external", "summary": "RHBZ#853097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853097" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1682", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1682" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1682", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1682" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" } ], "release_date": "2012-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-04T07:04:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1225" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)" }, { "cve": "CVE-2012-3136", "discovery_date": "2012-08-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "853138" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-3136" }, { "category": "external", "summary": "RHBZ#853138", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853138" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-3136", "url": "https://www.cve.org/CVERecord?id=CVE-2012-3136" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3136", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3136" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" } ], "release_date": "2012-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-04T07:04:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1225" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)" }, { "cve": "CVE-2012-4681", "discovery_date": "2012-08-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "852051" } ], "notes": [ { "category": "description", "text": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw allowed an attacker to circumvent all restrictions applied by the Java security manager. The Java security manager is used to sandbox Java applets in web browsers, but is also used in a variety of other applications.\n\nRed Hat has tested the flaw and confirmed that it affected Java SE 7 provided by OpenJDK 7 (java-1.7.0-openjdk), Oracle Java SE 7 (java-1.7.0-oracle) and IBM Java SE 7 (java-1.7.0-ibm) as shipped with Red Hat Enterprise Linux 6. Updates correcting this issue were released for all affected packages.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4681" }, { "category": "external", "summary": "RHBZ#852051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=852051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4681", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4681" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4681", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4681" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2012-08-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-04T07:04:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1225" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3.x86_64" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-03T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)" } ] }
rhsa-2012_1223
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.7.0-openjdk packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "These packages provide the OpenJDK 7 Java Runtime Environment and the\nOpenJDK 7 Software Development Kit.\n\nMultiple improper permission check issues were discovered in the Beans\ncomponent in OpenJDK. An untrusted Java application or applet could use\nthese flaws to bypass Java sandbox restrictions. (CVE-2012-4681,\nCVE-2012-1682, CVE-2012-3136)\n\nA hardening fix was applied to the AWT component in OpenJDK, removing\nfunctionality from the restricted SunToolkit class that was used in\ncombination with other flaws to bypass Java sandbox restrictions.\n(CVE-2012-0547)\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2012:1223", "url": "https://access.redhat.com/errata/RHSA-2012:1223" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "category": "external", "summary": "852051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=852051" }, { "category": "external", "summary": "853097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853097" }, { "category": "external", "summary": "853138", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853138" }, { "category": "external", "summary": "853228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853228" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1223.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-openjdk security update", "tracking": { "current_release_date": "2024-11-05T17:50:24+00:00", "generator": { "date": "2024-11-05T17:50:24+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2012:1223", "initial_release_date": "2012-09-03T12:57:00+00:00", "revision_history": [ { "date": "2012-09-03T12:57:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2012-09-03T13:00:27+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:50:24+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "product_id": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.5-2.2.1.el6_3.3?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "product": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "product_id": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-devel@1.7.0.5-2.2.1.el6_3.3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "product": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "product_id": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-src@1.7.0.5-2.2.1.el6_3.3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "product": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "product_id": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-demo@1.7.0.5-2.2.1.el6_3.3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "product": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "product_id": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-debuginfo@1.7.0.5-2.2.1.el6_3.3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "product_id": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.5-2.2.1.el6_3.3?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product_id": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-devel@1.7.0.5-2.2.1.el6_3.3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product_id": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-src@1.7.0.5-2.2.1.el6_3.3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product_id": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-demo@1.7.0.5-2.2.1.el6_3.3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product_id": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-debuginfo@1.7.0.5-2.2.1.el6_3.3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product_id": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.5-2.2.1.el6_3.3?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "product": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "product_id": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-javadoc@1.7.0.5-2.2.1.el6_3.3?arch=noarch\u0026epoch=1" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Client-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Client-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Server-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Server-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Workstation-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "relates_to_product_reference": "6Workstation-optional-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "relates_to_product_reference": "6Workstation-optional-6.3.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-0547", "discovery_date": "2012-08-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "853228" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and \"a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited.\" NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to \"toolkit internals references.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: AWT hardening fixes (AWT, 7163201)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-0547" }, { "category": "external", "summary": "RHBZ#853228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853228" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-0547", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0547" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0547", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0547" } ], "release_date": "2012-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-03T12:57:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1223" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 0.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:N", "version": "2.0" }, "products": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: AWT hardening fixes (AWT, 7163201)" }, { "cve": "CVE-2012-1682", "discovery_date": "2012-08-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "853097" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to \"XMLDecoder security issue via ClassFinder.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1682" }, { "category": "external", "summary": "RHBZ#853097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853097" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1682", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1682" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1682", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1682" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" } ], "release_date": "2012-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-03T12:57:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1223" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)" }, { "cve": "CVE-2012-3136", "discovery_date": "2012-08-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "853138" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-3136" }, { "category": "external", "summary": "RHBZ#853138", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853138" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-3136", "url": "https://www.cve.org/CVERecord?id=CVE-2012-3136" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3136", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3136" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" } ], "release_date": "2012-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-03T12:57:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1223" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)" }, { "cve": "CVE-2012-4681", "discovery_date": "2012-08-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "852051" } ], "notes": [ { "category": "description", "text": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw allowed an attacker to circumvent all restrictions applied by the Java security manager. The Java security manager is used to sandbox Java applets in web browsers, but is also used in a variety of other applications.\n\nRed Hat has tested the flaw and confirmed that it affected Java SE 7 provided by OpenJDK 7 (java-1.7.0-openjdk), Oracle Java SE 7 (java-1.7.0-oracle) and IBM Java SE 7 (java-1.7.0-ibm) as shipped with Red Hat Enterprise Linux 6. Updates correcting this issue were released for all affected packages.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4681" }, { "category": "external", "summary": "RHBZ#852051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=852051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4681", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4681" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4681", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4681" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2012-08-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-03T12:57:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1223" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Client-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Client-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Client-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6ComputeNode-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Server-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Server-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Server-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.src", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3.x86_64", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3.noarch", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.i686", "6Workstation-optional-6.3.z:java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3.x86_64" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-03T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)" } ] }
rhsa-2012_1289
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.7.0-ibm packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM\nJava Software Development Kit.\n\nThis update fixes several vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Detailed\nvulnerability descriptions are linked from the IBM Security alerts page,\nlisted in the References section. (CVE-2012-0547, CVE-2012-0551,\nCVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1719,\nCVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-1726, CVE-2012-3136,\nCVE-2012-4681)\n\nAll users of java-1.7.0-ibm are advised to upgrade to these updated\npackages, containing the IBM Java SE 7 SR2 release. All running instances\nof IBM Java must be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2012:1289", "url": "https://access.redhat.com/errata/RHSA-2012:1289" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://www.ibm.com/developerworks/java/jdk/alerts/", "url": "https://www.ibm.com/developerworks/java/jdk/alerts/" }, { "category": "external", "summary": "829358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829358" }, { "category": "external", "summary": "829360", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829360" }, { "category": "external", "summary": "829361", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829361" }, { "category": "external", "summary": "829371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829371" }, { "category": "external", "summary": "829376", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829376" }, { "category": "external", "summary": "829377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829377" }, { "category": "external", "summary": "831353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=831353" }, { "category": "external", "summary": "831354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=831354" }, { "category": "external", "summary": "831355", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=831355" }, { "category": "external", "summary": "852051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=852051" }, { "category": "external", "summary": "853097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853097" }, { "category": "external", "summary": "853138", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853138" }, { "category": "external", "summary": "853228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853228" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1289.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-ibm security update", "tracking": { "current_release_date": "2024-11-05T17:51:34+00:00", "generator": { "date": "2024-11-05T17:51:34+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2012:1289", "initial_release_date": "2012-09-18T22:46:00+00:00", "revision_history": [ { "date": "2012-09-18T22:46:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2012-09-18T22:52:20+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:51:34+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-demo@1.7.0.2.0-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-plugin@1.7.0.2.0-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.2.0-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-src@1.7.0.2.0-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-jdbc@1.7.0.2.0-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.2.0-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-demo@1.7.0.2.0-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-plugin@1.7.0.2.0-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.2.0-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-src@1.7.0.2.0-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-jdbc@1.7.0.2.0-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.2.0-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product_id": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-demo@1.7.0.2.0-1jpp.3.el6_3?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.2.0-1jpp.3.el6_3?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product_id": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-src@1.7.0.2.0-1jpp.3.el6_3?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product_id": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-jdbc@1.7.0.2.0-1jpp.3.el6_3?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product_id": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.2.0-1jpp.3.el6_3?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product_id": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-demo@1.7.0.2.0-1jpp.3.el6_3?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product_id": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-devel@1.7.0.2.0-1jpp.3.el6_3?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product_id": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-src@1.7.0.2.0-1jpp.3.el6_3?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product_id": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm-jdbc@1.7.0.2.0-1jpp.3.el6_3?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product_id": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-ibm@1.7.0.2.0-1jpp.3.el6_3?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-0547", "discovery_date": "2012-08-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "853228" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and \"a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited.\" NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to \"toolkit internals references.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: AWT hardening fixes (AWT, 7163201)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-0547" }, { "category": "external", "summary": "RHBZ#853228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853228" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-0547", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0547" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0547", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0547" } ], "release_date": "2012-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 0.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: AWT hardening fixes (AWT, 7163201)" }, { "cve": "CVE-2012-0551", "discovery_date": "2012-06-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "831355" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-0551" }, { "category": "external", "summary": "RHBZ#831355", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=831355" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-0551", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0551" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0551", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0551" } ], "release_date": "2012-06-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)" }, { "cve": "CVE-2012-1682", "discovery_date": "2012-08-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "853097" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to \"XMLDecoder security issue via ClassFinder.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1682" }, { "category": "external", "summary": "RHBZ#853097", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853097" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1682", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1682" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1682", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1682" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" } ], "release_date": "2012-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)" }, { "cve": "CVE-2012-1713", "discovery_date": "2012-06-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "829361" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1713" }, { "category": "external", "summary": "RHBZ#829361", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829361" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1713", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1713", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1713" } ], "release_date": "2012-06-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617)" }, { "cve": "CVE-2012-1716", "discovery_date": "2012-06-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "829360" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1716" }, { "category": "external", "summary": "RHBZ#829360", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829360" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1716", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1716" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1716", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1716" } ], "release_date": "2012-06-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614)" }, { "cve": "CVE-2012-1717", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2012-06-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "829358" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insecure temporary file permissions (JRE, 7143606)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1717" }, { "category": "external", "summary": "RHBZ#829358", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829358" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1717", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1717" } ], "release_date": "2012-06-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: insecure temporary file permissions (JRE, 7143606)" }, { "cve": "CVE-2012-1719", "discovery_date": "2012-06-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "829371" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect integrity, related to CORBA.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1719" }, { "category": "external", "summary": "RHBZ#829371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829371" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1719", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1719" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1719", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1719" } ], "release_date": "2012-06-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)" }, { "cve": "CVE-2012-1721", "discovery_date": "2012-06-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "831353" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1721" }, { "category": "external", "summary": "RHBZ#831353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=831353" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1721", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1721" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1721", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1721" } ], "release_date": "2012-06-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)" }, { "cve": "CVE-2012-1722", "discovery_date": "2012-06-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "831354" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1722" }, { "category": "external", "summary": "RHBZ#831354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=831354" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1722", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1722" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1722", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1722" } ], "release_date": "2012-06-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)" }, { "cve": "CVE-2012-1725", "discovery_date": "2012-06-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "829376" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient invokespecial \u003cinit\u003e verification (HotSpot, 7160757)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1725" }, { "category": "external", "summary": "RHBZ#829376", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829376" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1725", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1725" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1725", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1725" } ], "release_date": "2012-06-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient invokespecial \u003cinit\u003e verification (HotSpot, 7160757)" }, { "cve": "CVE-2012-1726", "discovery_date": "2012-06-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "829377" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: java.lang.invoke.MethodHandles.Lookup does not honor access modes (Libraries, 7165628)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1726" }, { "category": "external", "summary": "RHBZ#829377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1726", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1726" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1726", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1726" } ], "release_date": "2012-06-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: java.lang.invoke.MethodHandles.Lookup does not honor access modes (Libraries, 7165628)" }, { "cve": "CVE-2012-3136", "discovery_date": "2012-08-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "853138" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-3136" }, { "category": "external", "summary": "RHBZ#853138", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=853138" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-3136", "url": "https://www.cve.org/CVERecord?id=CVE-2012-3136" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3136", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3136" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" } ], "release_date": "2012-08-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)" }, { "cve": "CVE-2012-4681", "discovery_date": "2012-08-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "852051" } ], "notes": [ { "category": "description", "text": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw allowed an attacker to circumvent all restrictions applied by the Java security manager. The Java security manager is used to sandbox Java applets in web browsers, but is also used in a variety of other applications.\n\nRed Hat has tested the flaw and confirmed that it affected Java SE 7 provided by OpenJDK 7 (java-1.7.0-openjdk), Oracle Java SE 7 (java-1.7.0-oracle) and IBM Java SE 7 (java-1.7.0-ibm) as shipped with Red Hat Enterprise Linux 6. Updates correcting this issue were released for all affected packages.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4681" }, { "category": "external", "summary": "RHBZ#852051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=852051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4681", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4681" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4681", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4681" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2012-08-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-09-18T22:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1289" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Client-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Server-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.ppc64", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.s390x", "6Workstation-Supplementary-6.3.z:java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-03T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)" } ] }
ghsa-fw99-8m5g-58p8
Vulnerability from github
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
{ "affected": [], "aliases": [ "CVE-2012-4681" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2012-08-28T00:55:00Z", "severity": "HIGH" }, "details": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.", "id": "GHSA-fw99-8m5g-58p8", "modified": "2022-05-14T00:03:19Z", "published": "2022-05-14T00:03:19Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4681" }, { "type": "WEB", "url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day" }, { "type": "WEB", "url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html" }, { "type": "WEB", "url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html" }, { "type": "WEB", "url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2012-1225.html" }, { "type": "WEB", "url": "http://secunia.com/advisories/51044" }, { "type": "WEB", "url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/55213" }, { "type": "WEB", "url": "http://www.us-cert.gov/cas/techalerts/TA12-240A.html" } ], "schema_version": "1.4.0", "severity": [] }
var-201208-0292
Vulnerability from variot
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. Oracle Provided by Java 7 Any OS A vulnerability exists that allows the command to be executed. Oracle Provided by Java 7 Is Java Any sandbox is avoided OS A vulnerability exists that allows the command to be executed. Attack code using this vulnerability has been released and attacks have been observed.Crafted Java By opening a web page with an applet embedded, OS The command may be executed. Oracle Java Runtime Environment (JRE) is prone to a remote code execution vulnerability. An attacker can exploit this issue to bypass Java sandbox restrictions and load additional classes to execute arbitrary code in the context of the application. This vulnerability affects Oracle JRE 1.7.0 Update 6; prior versions may also be affected. NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities (CVE-2012-0547). The verification of md5 checksums and GPG signatures is performed automatically for you. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30
http://security.gentoo.org/
Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30
Synopsis
Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages
Description
Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Oracle JDK 1.7 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"
All Oracle JRE 1.7 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"
All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version:
# emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"
All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea.
NOTE: As Oracle has revoked the DLJ license for its Java implementation, the packages can no longer be updated automatically.
References
[ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201401-30.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: RHSA-2012:1223-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1223.html Issue date: 2012-09-03 CVE Names: CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 CVE-2012-4681 =====================================================================
- Summary:
Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64
- Description:
These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit.
Multiple improper permission check issues were discovered in the Beans component in OpenJDK. (CVE-2012-0547)
All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
852051 - CVE-2012-4681 OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473) 853097 - CVE-2012-1682 OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476) 853138 - CVE-2012-3136 OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567) 853228 - CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201)
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
i386: java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
x86_64: java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
i386: java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
i386: java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm
x86_64: java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm
i386: java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm
noarch: java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm
x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-0547.html https://www.redhat.com/security/data/cve/CVE-2012-1682.html https://www.redhat.com/security/data/cve/CVE-2012-3136.html https://www.redhat.com/security/data/cve/CVE-2012-4681.html https://access.redhat.com/security/updates/classification/#important http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQRKzHXlSAg2UNWIIRAt9QAJ9qt+dYZrGWLZfelO3gxXIHLRIrjgCdE0e8 0vzPqUIZfBkT+eNBNebUuVE= =WYyS -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Web browsers using the Java 7 plug-in are at high risk. Both Java applets delivered via web browsers and stand-alone Java applications are affected, however web browsers using the Java 7 plug-in are at particularly high risk.
The Java 7 plug-in, the Java Deployment Toolkit plug-in, and Java Web Start can be used as attack vectors. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate web site and upload a malicious Java applet (a "drive-by download" attack).
Reports indicate that at least one of these vulnerabilities is being actively exploited.
Stand-alone java applications may also be affected.
Disable Java in web browsers
These and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, consider disabling Java in web browsers until adequate updates have been installed. As with any software, unnecessary features should be disabled or removed as appropriate for your environment.
Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. From Setting the Security Level of the Java Client:
For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab.
Restrict access to Java applets
Network administrators unable to disable Java in web browsers may be able to help mitigate these and other Java vulnerabilities by restricting access to Java applets using a web proxy. Most web proxies have features that can be used to block or whitelist requests for .jar and .class files based on network location. Filtering requests that contain a Java User-Agent header may also be effective. For environments where Java is required on the local intranet, the proxy can be configured to allow access to Java applets hosted locally, but block access to Java applets on the internet.
References
-
Vulnerability Note VU#858729 http://www.kb.cert.org/vuls/id/858729
-
Oracle Java SE Critical Patch Update Advisory - February 2013 http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
-
Setting the Security Level of the Java Client http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html
-
The Security Manager http://docs.oracle.com/javase/tutorial/essential/environment/security.html
-
How to disable the Java web plug-in in Safari https://support.apple.com/kb/HT5241
-
How to turn off Java applets https://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets
-
NoScript http://noscript.net/
-
Securing Your Web Browser https://www.us-cert.gov/reading_room/securing_browser/#Safari
-
Vulnerability Note VU#636312 http://www.kb.cert.org/vuls/id/636312#solution
-
Java SE Development Kit 7, Update 13 (JDK 7u13) http://www.oracle.com/technetwork/java/javase/7u13-relnotes-1902884.html
-
Do Devs Care About Java (In)Security? (Comment about proxy filtering) http://taosecurity.blogspot.com/2012/11/do-devs-care-about-java-insecurity.html?showComment=1353874245992#c4794680666510382012
Revision History
February 01, 2013: Initial release
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA13-032A Feedback VU#858729" in the subject.
Produced by US-CERT, a government organization. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the java.beans.Expression class. Due to unsafe handling of reflection of privileged classes inside the Expression class it is possible for untrusted code to gain access to privileged methods and properties. More details can be found at: http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-18357 15.html
-
-- Disclosure Timeline: 2012-07-24 - Vulnerability reported to vendor 2012-12-21 - Coordinated public release of advisory
-
-- Credit: This vulnerability was discovered by:
-
James Forshaw (tyranid)
-
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201208-0292", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "jdk", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.7.0" }, { "model": "enterprise linux server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "jdk", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.6.0" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "jre", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.7.0" }, { "model": "jre", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.6.0" }, { "model": "enterprise linux eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.3" }, { "model": "jdk", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "6 update 34" }, { "model": "jdk", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "7 update 6" }, { "model": "jre", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "6 update 34" }, { "model": "jre", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "7 update 6" }, { "model": "jdk", "scope": "lte", "trust": 0.8, "vendor": "sun microsystems", "version": "6 update 21" }, { "model": "jre", "scope": "lte", "trust": 0.8, "vendor": "sun microsystems", "version": "6 update 21" }, { "model": "secureware/ electronic signature development kit", "scope": "eq", "trust": 0.8, "vendor": "nec", "version": "v1.3" }, { "model": "linux enterprise server for vmware sp2", "scope": "eq", "trust": 0.6, "vendor": "suse", "version": "11" }, { "model": "linux enterprise server sp2", "scope": "eq", "trust": 0.6, "vendor": "suse", "version": "11" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.6, "vendor": "oracle", "version": "6.2" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.6, "vendor": "oracle", "version": "6" }, { "model": "java se sr1", "scope": "eq", "trust": 0.6, "vendor": "ibm", "version": "7" }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.6, "vendor": "hp", "version": null }, { "model": "linux", "scope": null, "trust": 0.6, "vendor": "gentoo", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "5.0" }, { "model": "meeting exchange", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "5.0" }, { "model": "iq", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "5" }, { "model": "iq", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "4.0" }, { "model": "ip office application server", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "8.0" }, { "model": "aura system manager", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "6.0" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "5.0" }, { "model": "aura presence services", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "6.0" }, { "model": "aura messaging", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "6.0" }, { "model": "aura conferencing sp1 standard", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "6.0" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "6.0" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "6.0.1" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "6.0" }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.6, "vendor": "avaya", "version": "53002.0" }, { "model": "vcenter update manager", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "5.1" }, { "model": "vcenter update manager", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "5.0" }, { "model": "vcenter server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "5.0" }, { "model": "vcenter server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "4.1" }, { "model": "esx", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "4.1" }, { "model": "linux enterprise java sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux enterprise software development kit sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "trio tview software", "scope": "eq", "trust": 0.3, "vendor": "schneider electric", "version": "3.27.0" }, { "model": "enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux workstation optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux server optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux hpc node supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux hpc node optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux desktop optional", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "jre update", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.76" }, { "model": "jre update", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.6.034" }, { "model": "openjdk", "scope": "eq", "trust": 0.3, "vendor": "openjdk", "version": "0" }, { "model": "jre", "scope": "eq", "trust": 0.3, "vendor": "openjdk", "version": "1.7" }, { "model": "icedtea", "scope": "eq", "trust": 0.3, "vendor": "icedtea", "version": "2.3.0" }, { "model": "icedtea", "scope": "eq", "trust": 0.3, "vendor": "icedtea", "version": "2.2" }, { "model": "icedtea", "scope": "eq", "trust": 0.3, "vendor": "icedtea", "version": "2.1" }, { "model": "java sdk sr1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "jdk and jre", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.0.2" }, { "model": "messaging application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "call management system r16.3", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "call management system r16.2", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "call management system r16.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "call management system r", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "16" }, { "model": "call management system r", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "15" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "aura communication manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53003.0" }, { "model": "vcenter server update", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "5.11" }, { "model": "update manager update", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "5.11" }, { "model": "trio tview software", "scope": "ne", "trust": 0.3, "vendor": "schneider electric", "version": "3.29.0" }, { "model": "jre update", "scope": "ne", "trust": 0.3, "vendor": "oracle", "version": "1.77" }, { "model": "jre update", "scope": "ne", "trust": 0.3, "vendor": "oracle", "version": "1.6.035" }, { "model": "icedtea", "scope": "ne", "trust": 0.3, "vendor": "icedtea", "version": "2.3.1" }, { "model": "java se sr2", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "java sdk sr2", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "jdk and jre", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "7.0.3" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.04" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux enterprise desktop sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "12.1" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11.4" }, { "model": "hat enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux workstation optional", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux workstation", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "hat enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux server optional", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux hpc node supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux hpc node optional", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux hpc node", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "hat enterprise linux desktop optional", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "6" }, { "model": "hat enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "hat enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "5" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2011" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2011" }, { "model": "enterprise server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "enterprise server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "centos", "scope": "eq", "trust": 0.3, "vendor": "centos", "version": "6" }, { "model": "centos", "scope": "eq", "trust": 0.3, "vendor": "centos", "version": "5" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" } ], "sources": [ { "db": "BID", "id": "55213" }, { "db": "BID", "id": "55336" }, { "db": "JVNDB", "id": "JVNDB-2012-003918" }, { "db": "NVD", "id": "CVE-2012-4681" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update17:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update18:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update19:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update20:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update21:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update17:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update18:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update19:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update20:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update21:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-4681" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adam Gowdiak of Security Explorations and James Forshaw (tyranid) via TippingPoint", "sources": [ { "db": "BID", "id": "55213" } ], "trust": 0.3 }, "cve": "CVE-2012-4681", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2012-4681", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CVE-2012-4681", "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-4681", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2012-4681", "trust": 0.8, "value": "Medium" }, { "author": "VULMON", "id": "CVE-2012-4681", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2012-4681" }, { "db": "JVNDB", "id": "JVNDB-2012-003918" }, { "db": "NVD", "id": "CVE-2012-4681" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class. Oracle Provided by Java 7 Any OS A vulnerability exists that allows the command to be executed. Oracle Provided by Java 7 Is Java Any sandbox is avoided OS A vulnerability exists that allows the command to be executed. Attack code using this vulnerability has been released and attacks have been observed.Crafted Java By opening a web page with an applet embedded, OS The command may be executed. Oracle Java Runtime Environment (JRE) is prone to a remote code execution vulnerability. \nAn attacker can exploit this issue to bypass Java sandbox restrictions and load additional classes to execute arbitrary code in the context of the application. \nThis vulnerability affects Oracle JRE 1.7.0 Update 6; prior versions may also be affected. NOTE: this identifier was assigned by the Oracle\n CNA, but CVE is not intended to cover defense-in-depth issues that are\n only exposed by the presence of other vulnerabilities (CVE-2012-0547). The verification\n of md5 checksums and GPG signatures is performed automatically for you. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201401-30\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Oracle JRE/JDK: Multiple vulnerabilities\n Date: January 27, 2014\n Bugs: #404071, #421073, #433094, #438706, #451206, #455174,\n #458444, #460360, #466212, #473830, #473980, #488210, #498148\n ID: 201401-30\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the Oracle JRE/JDK,\nallowing attackers to cause unspecified impact. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-java/sun-jdk \u003c= 1.6.0.45 Vulnerable!\n 2 dev-java/oracle-jdk-bin \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n 3 dev-java/sun-jre-bin \u003c= 1.6.0.45 Vulnerable!\n 4 dev-java/oracle-jre-bin \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n 5 app-emulation/emul-linux-x86-java\n \u003c 1.7.0.51 \u003e= 1.7.0.51 *\n -------------------------------------------------------------------\n NOTE: Certain packages are still vulnerable. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. \n -------------------------------------------------------------------\n NOTE: Packages marked with asterisks require manual intervention!\n -------------------------------------------------------------------\n 5 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been reported in the Oracle Java\nimplementation. Please review the CVE identifiers referenced below for\ndetails. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Oracle JDK 1.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jdk-bin-1.7.0.51\"\n\nAll Oracle JRE 1.7 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jre-bin-1.7.0.51\"\n\nAll users of the precompiled 32-bit Oracle JRE should upgrade to the\nlatest version:\n\n # emerge --sync\n # emerge -a -1 -v \"\u003e=app-emulation/emul-linux-x86-java-1.7.0.51\"\n\nAll Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one\nof the newer Oracle packages like dev-java/oracle-jdk-bin or\ndev-java/oracle-jre-bin or choose another alternative we provide; eg. \nthe IBM JDK/JRE or the open source IcedTea. \n\nNOTE: As Oracle has revoked the DLJ license for its Java\nimplementation, the packages can no longer be updated automatically. \n\nReferences\n==========\n\n[ 1 ] CVE-2011-3563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[ 2 ] CVE-2011-5035\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[ 3 ] CVE-2012-0497\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[ 4 ] CVE-2012-0498\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498\n[ 5 ] CVE-2012-0499\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499\n[ 6 ] CVE-2012-0500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500\n[ 7 ] CVE-2012-0501\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[ 8 ] CVE-2012-0502\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[ 9 ] CVE-2012-0503\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[ 10 ] CVE-2012-0504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504\n[ 11 ] CVE-2012-0505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[ 12 ] CVE-2012-0506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[ 13 ] CVE-2012-0507\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507\n[ 14 ] CVE-2012-0547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[ 15 ] CVE-2012-1531\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531\n[ 16 ] CVE-2012-1532\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532\n[ 17 ] CVE-2012-1533\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533\n[ 18 ] CVE-2012-1541\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541\n[ 19 ] CVE-2012-1682\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682\n[ 20 ] CVE-2012-1711\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[ 21 ] CVE-2012-1713\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[ 22 ] CVE-2012-1716\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[ 23 ] CVE-2012-1717\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[ 24 ] CVE-2012-1718\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[ 25 ] CVE-2012-1719\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[ 26 ] CVE-2012-1721\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721\n[ 27 ] CVE-2012-1722\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722\n[ 28 ] CVE-2012-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[ 29 ] CVE-2012-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[ 30 ] CVE-2012-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[ 31 ] CVE-2012-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[ 32 ] CVE-2012-3136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136\n[ 33 ] CVE-2012-3143\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143\n[ 34 ] CVE-2012-3159\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159\n[ 35 ] CVE-2012-3174\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174\n[ 36 ] CVE-2012-3213\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213\n[ 37 ] CVE-2012-3216\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[ 38 ] CVE-2012-3342\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342\n[ 39 ] CVE-2012-4416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[ 40 ] CVE-2012-4681\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681\n[ 41 ] CVE-2012-5067\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067\n[ 42 ] CVE-2012-5068\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[ 43 ] CVE-2012-5069\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[ 44 ] CVE-2012-5070\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[ 45 ] CVE-2012-5071\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[ 46 ] CVE-2012-5072\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[ 47 ] CVE-2012-5073\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[ 48 ] CVE-2012-5074\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[ 49 ] CVE-2012-5075\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[ 50 ] CVE-2012-5076\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[ 51 ] CVE-2012-5077\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[ 52 ] CVE-2012-5079\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079\n[ 53 ] CVE-2012-5081\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[ 54 ] CVE-2012-5083\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083\n[ 55 ] CVE-2012-5084\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[ 56 ] CVE-2012-5085\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[ 57 ] CVE-2012-5086\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[ 58 ] CVE-2012-5087\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[ 59 ] CVE-2012-5088\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088\n[ 60 ] CVE-2012-5089\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[ 61 ] CVE-2013-0169\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[ 62 ] CVE-2013-0351\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351\n[ 63 ] CVE-2013-0401\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[ 64 ] CVE-2013-0402\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402\n[ 65 ] CVE-2013-0409\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409\n[ 66 ] CVE-2013-0419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419\n[ 67 ] CVE-2013-0422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422\n[ 68 ] CVE-2013-0423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423\n[ 69 ] CVE-2013-0430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430\n[ 70 ] CVE-2013-0437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437\n[ 71 ] CVE-2013-0438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438\n[ 72 ] CVE-2013-0445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445\n[ 73 ] CVE-2013-0446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446\n[ 74 ] CVE-2013-0448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448\n[ 75 ] CVE-2013-0449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449\n[ 76 ] CVE-2013-0809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[ 77 ] CVE-2013-1473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473\n[ 78 ] CVE-2013-1479\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479\n[ 79 ] CVE-2013-1481\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481\n[ 80 ] CVE-2013-1484\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[ 81 ] CVE-2013-1485\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[ 82 ] CVE-2013-1486\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[ 83 ] CVE-2013-1487\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487\n[ 84 ] CVE-2013-1488\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[ 85 ] CVE-2013-1491\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491\n[ 86 ] CVE-2013-1493\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[ 87 ] CVE-2013-1500\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[ 88 ] CVE-2013-1518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[ 89 ] CVE-2013-1537\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[ 90 ] CVE-2013-1540\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540\n[ 91 ] CVE-2013-1557\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[ 92 ] CVE-2013-1558\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558\n[ 93 ] CVE-2013-1561\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561\n[ 94 ] CVE-2013-1563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563\n[ 95 ] CVE-2013-1564\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564\n[ 96 ] CVE-2013-1569\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[ 97 ] CVE-2013-1571\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[ 98 ] CVE-2013-2383\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[ 99 ] CVE-2013-2384\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 100 ] CVE-2013-2394\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394\n[ 101 ] CVE-2013-2400\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400\n[ 102 ] CVE-2013-2407\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 103 ] CVE-2013-2412\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 104 ] CVE-2013-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414\n[ 105 ] CVE-2013-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 106 ] CVE-2013-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416\n[ 107 ] CVE-2013-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 108 ] CVE-2013-2418\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418\n[ 109 ] CVE-2013-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 110 ] CVE-2013-2420\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 111 ] CVE-2013-2421\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 112 ] CVE-2013-2422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 113 ] CVE-2013-2423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 114 ] CVE-2013-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 115 ] CVE-2013-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425\n[ 116 ] CVE-2013-2426\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 117 ] CVE-2013-2427\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427\n[ 118 ] CVE-2013-2428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428\n[ 119 ] CVE-2013-2429\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 120 ] CVE-2013-2430\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 121 ] CVE-2013-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 122 ] CVE-2013-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432\n[ 123 ] CVE-2013-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433\n[ 124 ] CVE-2013-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434\n[ 125 ] CVE-2013-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435\n[ 126 ] CVE-2013-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 127 ] CVE-2013-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437\n[ 128 ] CVE-2013-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438\n[ 129 ] CVE-2013-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439\n[ 130 ] CVE-2013-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440\n[ 131 ] CVE-2013-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442\n[ 132 ] CVE-2013-2443\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 133 ] CVE-2013-2444\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 134 ] CVE-2013-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 135 ] CVE-2013-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 136 ] CVE-2013-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 137 ] CVE-2013-2448\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 138 ] CVE-2013-2449\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 139 ] CVE-2013-2450\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 140 ] CVE-2013-2451\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 141 ] CVE-2013-2452\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 142 ] CVE-2013-2453\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 143 ] CVE-2013-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 144 ] CVE-2013-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 145 ] CVE-2013-2456\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 146 ] CVE-2013-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 147 ] CVE-2013-2458\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 148 ] CVE-2013-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 149 ] CVE-2013-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 150 ] CVE-2013-2461\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 151 ] CVE-2013-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462\n[ 152 ] CVE-2013-2463\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 153 ] CVE-2013-2464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464\n[ 154 ] CVE-2013-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 155 ] CVE-2013-2466\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466\n[ 156 ] CVE-2013-2467\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467\n[ 157 ] CVE-2013-2468\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468\n[ 158 ] CVE-2013-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 159 ] CVE-2013-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 160 ] CVE-2013-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 161 ] CVE-2013-2472\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 162 ] CVE-2013-2473\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 163 ] CVE-2013-3743\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743\n[ 164 ] CVE-2013-3744\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744\n[ 165 ] CVE-2013-3829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 166 ] CVE-2013-5772\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 167 ] CVE-2013-5774\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 168 ] CVE-2013-5775\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775\n[ 169 ] CVE-2013-5776\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776\n[ 170 ] CVE-2013-5777\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777\n[ 171 ] CVE-2013-5778\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 172 ] CVE-2013-5780\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 173 ] CVE-2013-5782\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 174 ] CVE-2013-5783\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 175 ] CVE-2013-5784\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 176 ] CVE-2013-5787\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787\n[ 177 ] CVE-2013-5788\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788\n[ 178 ] CVE-2013-5789\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789\n[ 179 ] CVE-2013-5790\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 180 ] CVE-2013-5797\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 181 ] CVE-2013-5800\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 182 ] CVE-2013-5801\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801\n[ 183 ] CVE-2013-5802\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 184 ] CVE-2013-5803\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 185 ] CVE-2013-5804\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 186 ] CVE-2013-5805\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 187 ] CVE-2013-5806\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 188 ] CVE-2013-5809\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 189 ] CVE-2013-5810\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810\n[ 190 ] CVE-2013-5812\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812\n[ 191 ] CVE-2013-5814\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 192 ] CVE-2013-5817\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 193 ] CVE-2013-5818\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818\n[ 194 ] CVE-2013-5819\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819\n[ 195 ] CVE-2013-5820\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 196 ] CVE-2013-5823\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 197 ] CVE-2013-5824\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824\n[ 198 ] CVE-2013-5825\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 199 ] CVE-2013-5829\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 200 ] CVE-2013-5830\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 201 ] CVE-2013-5831\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831\n[ 202 ] CVE-2013-5832\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832\n[ 203 ] CVE-2013-5838\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838\n[ 204 ] CVE-2013-5840\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 205 ] CVE-2013-5842\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 206 ] CVE-2013-5843\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843\n[ 207 ] CVE-2013-5844\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844\n[ 208 ] CVE-2013-5846\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846\n[ 209 ] CVE-2013-5848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848\n[ 210 ] CVE-2013-5849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 211 ] CVE-2013-5850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 212 ] CVE-2013-5851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 213 ] CVE-2013-5852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852\n[ 214 ] CVE-2013-5854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854\n[ 215 ] CVE-2013-5870\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870\n[ 216 ] CVE-2013-5878\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878\n[ 217 ] CVE-2013-5887\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887\n[ 218 ] CVE-2013-5888\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888\n[ 219 ] CVE-2013-5889\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889\n[ 220 ] CVE-2013-5893\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893\n[ 221 ] CVE-2013-5895\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895\n[ 222 ] CVE-2013-5896\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896\n[ 223 ] CVE-2013-5898\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898\n[ 224 ] CVE-2013-5899\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899\n[ 225 ] CVE-2013-5902\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902\n[ 226 ] CVE-2013-5904\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904\n[ 227 ] CVE-2013-5905\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905\n[ 228 ] CVE-2013-5906\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906\n[ 229 ] CVE-2013-5907\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907\n[ 230 ] CVE-2013-5910\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910\n[ 231 ] CVE-2014-0368\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368\n[ 232 ] CVE-2014-0373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373\n[ 233 ] CVE-2014-0375\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375\n[ 234 ] CVE-2014-0376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376\n[ 235 ] CVE-2014-0382\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382\n[ 236 ] CVE-2014-0385\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385\n[ 237 ] CVE-2014-0387\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387\n[ 238 ] CVE-2014-0403\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403\n[ 239 ] CVE-2014-0408\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408\n[ 240 ] CVE-2014-0410\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410\n[ 241 ] CVE-2014-0411\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411\n[ 242 ] CVE-2014-0415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415\n[ 243 ] CVE-2014-0416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416\n[ 244 ] CVE-2014-0417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417\n[ 245 ] CVE-2014-0418\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418\n[ 246 ] CVE-2014-0422\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422\n[ 247 ] CVE-2014-0423\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423\n[ 248 ] CVE-2014-0424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424\n[ 249 ] CVE-2014-0428\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201401-30.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: java-1.7.0-openjdk security update\nAdvisory ID: RHSA-2012:1223-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2012-1223.html\nIssue date: 2012-09-03\nCVE Names: CVE-2012-0547 CVE-2012-1682 CVE-2012-3136 \n CVE-2012-4681 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-openjdk packages that fix several security issues are\nnow available for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64\n\n3. Description:\n\nThese packages provide the OpenJDK 7 Java Runtime Environment and the\nOpenJDK 7 Software Development Kit. \n\nMultiple improper permission check issues were discovered in the Beans\ncomponent in OpenJDK. \n(CVE-2012-0547)\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n852051 - CVE-2012-4681 OpenJDK: beans insufficient permission checks, Java 7 0day (beans, 7162473)\n853097 - CVE-2012-1682 OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)\n853138 - CVE-2012-3136 OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)\n853228 - CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm\n\ni386:\njava-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm\n\nx86_64:\njava-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.src.rpm\n\ni386:\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm\njava-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm\n\nnoarch:\njava-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpm\n\nx86_64:\njava-1.7.0-openjdk-debuginfo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\njava-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-0547.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-1682.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3136.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-4681.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttp://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQRKzHXlSAg2UNWIIRAt9QAJ9qt+dYZrGWLZfelO3gxXIHLRIrjgCdE0e8\n0vzPqUIZfBkT+eNBNebUuVE=\n=WYyS\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Web\n browsers using the Java 7 plug-in are at high risk. Both Java applets delivered via web browsers and stand-alone\n Java applications are affected, however web browsers using the Java\n 7 plug-in are at particularly high risk. \n\n The Java 7 plug-in, the Java Deployment Toolkit plug-in, and Java\n Web Start can be used as attack vectors. An attacker could use\n social engineering techniques to entice a user to visit a link to a\n website hosting a malicious Java applet. An attacker could also\n compromise a legitimate web site and upload a malicious Java applet\n (a \"drive-by download\" attack). \n\n Reports indicate that at least one of these vulnerabilities is\n being actively exploited. \n\n Stand-alone java applications may also be affected. \n\n Disable Java in web browsers\n\n These and previous Java vulnerabilities have been widely targeted\n by attackers, and new Java vulnerabilities are likely to be\n discovered. To defend against this and future Java vulnerabilities,\n consider disabling Java in web browsers until adequate updates have\n been installed. As with any software, unnecessary features should\n be disabled or removed as appropriate for your environment. \n\n Starting with Java 7 Update 10, it is possible to disable Java\n content in web browsers through the Java control panel applet. From\n Setting the Security Level of the Java Client:\n\n For installations where the highest level of security is required,\n it is possible to entirely prevent any Java apps (signed or\n unsigned) from running in a browser by de-selecting Enable Java\n content in the browser in the Java Control Panel under the Security\n tab. \n\n Restrict access to Java applets\n\n Network administrators unable to disable Java in web browsers may\n be able to help mitigate these and other Java vulnerabilities by\n restricting access to Java applets using a web proxy. Most web\n proxies have features that can be used to block or whitelist\n requests for .jar and .class files based on network location. \n Filtering requests that contain a Java User-Agent header may also\n be effective. For environments where Java is required on the local\n intranet, the proxy can be configured to allow access to Java\n applets hosted locally, but block access to Java applets on the\n internet. \n\n\nReferences\n\n * Vulnerability Note VU#858729\n \u003chttp://www.kb.cert.org/vuls/id/858729\u003e\n\n * Oracle Java SE Critical Patch Update Advisory - February 2013\n \u003chttp://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html\u003e\n\n * Setting the Security Level of the Java Client\n \u003chttp://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html\u003e\n\n * The Security Manager\n \u003chttp://docs.oracle.com/javase/tutorial/essential/environment/security.html\u003e\n\n * How to disable the Java web plug-in in Safari\n \u003chttps://support.apple.com/kb/HT5241\u003e\n\n * How to turn off Java applets\n \u003chttps://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets\u003e\n\n * NoScript\n \u003chttp://noscript.net/\u003e\n\n * Securing Your Web Browser\n \u003chttps://www.us-cert.gov/reading_room/securing_browser/#Safari\u003e\n\n * Vulnerability Note VU#636312\n \u003chttp://www.kb.cert.org/vuls/id/636312#solution\u003e\n\n * Java SE Development Kit 7, Update 13 (JDK 7u13)\n \u003chttp://www.oracle.com/technetwork/java/javase/7u13-relnotes-1902884.html\u003e\n\n * Do Devs Care About Java (In)Security? (Comment about proxy\n filtering)\n \u003chttp://taosecurity.blogspot.com/2012/11/do-devs-care-about-java-insecurity.html?showComment=1353874245992#c4794680666510382012\u003e\n\n\nRevision History\n\n February 01, 2013: Initial release\n\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA13-032A Feedback VU#858729\" in\n the subject. \n ____________________________________________________________________\n\n Produced by US-CERT, a government organization. User interaction is required to\nexploit this vulnerability in that the target must visit a malicious page\nor open a malicious file. \n\nThe specific flaw exists within the java.beans.Expression class. Due to\nunsafe handling of reflection of privileged classes inside the Expression\nclass it is possible for untrusted code to gain access to privileged\nmethods and properties. More details can\nbe found at:\nhttp://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-18357\n15.html\n\n\n- -- Disclosure Timeline:\n2012-07-24 - Vulnerability reported to vendor\n2012-12-21 - Coordinated public release of advisory\n\n- -- Credit:\nThis vulnerability was discovered by:\n* James Forshaw (tyranid)\n\n\n- -- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product", "sources": [ { "db": "NVD", "id": "CVE-2012-4681" }, { "db": "JVNDB", "id": "JVNDB-2012-003918" }, { "db": "BID", "id": "55213" }, { "db": "BID", "id": "55336" }, { "db": "VULMON", "id": "CVE-2012-4681" }, { "db": "PACKETSTORM", "id": "117166" }, { "db": "PACKETSTORM", "id": "116402" }, { "db": "PACKETSTORM", "id": "116648" }, { "db": "PACKETSTORM", "id": "124943" }, { "db": "PACKETSTORM", "id": "116176" }, { "db": "PACKETSTORM", "id": "120006" }, { "db": "PACKETSTORM", "id": "119029" } ], "trust": 2.88 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=20865", "trust": 0.1, "type": "exploit" } ], "sources": [ { "db": "VULMON", "id": "CVE-2012-4681" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-4681", "trust": 3.1 }, { "db": "USCERT", "id": "TA12-240A", "trust": 1.8 }, { "db": "BID", "id": "55213", "trust": 1.3 }, { "db": "CERT/CC", "id": "VU#636312", "trust": 1.2 }, { "db": "SECUNIA", "id": "51044", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2012-003918", "trust": 0.8 }, { "db": "ZDI", "id": "ZDI-12-197", "trust": 0.4 }, { "db": "ICS CERT", "id": "ICSA-17-213-02", "trust": 0.3 }, { "db": "BID", "id": "55336", "trust": 0.3 }, { "db": "VULMON", "id": "CVE-2012-4681", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "117166", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116402", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116648", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "124943", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116176", "trust": 0.1 }, { "db": "CERT/CC", "id": "VU#858729", "trust": 0.1 }, { "db": "USCERT", "id": "TA13-032A", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120006", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "119029", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2012-4681" }, { "db": "BID", "id": "55213" }, { "db": "BID", "id": "55336" }, { "db": "JVNDB", "id": "JVNDB-2012-003918" }, { "db": "PACKETSTORM", "id": "117166" }, { "db": "PACKETSTORM", "id": "116402" }, { "db": "PACKETSTORM", "id": "116648" }, { "db": "PACKETSTORM", "id": "124943" }, { "db": "PACKETSTORM", "id": "116176" }, { "db": "PACKETSTORM", "id": "120006" }, { "db": "PACKETSTORM", "id": "119029" }, { "db": "NVD", "id": "CVE-2012-4681" } ] }, "id": "VAR-201208-0292", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 1.0 }, "last_update_date": "2024-07-22T21:15:33.415000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "NV13-001", "trust": 0.8, "url": "http://jpn.nec.com/security-info/secinfo/nv13-001.html" }, { "title": "SUSE-SU-2012:1231", "trust": 0.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html" }, { "title": "SUSE-SU-2012:1398", "trust": 0.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" }, { "title": "Java SE Downloads", "trust": 0.8, "url": "http://www.oracle.com/technetwork/java/javase/downloads/index.html" }, { "title": "The Security Manager", "trust": 0.8, "url": "http://docs.oracle.com/javase/tutorial/essential/environment/security.html" }, { "title": "Oracle Security Alert for CVE-2012-4681", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "title": "RHSA-2012:1225", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2012-1225.html" }, { "title": "TA12-240A", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta12-240a.html" }, { "title": "Red Hat: Important: java-1.7.0-openjdk security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121223 - security advisory" }, { "title": "Red Hat: Critical: java-1.7.0-oracle security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121225 - security advisory" }, { "title": "Red Hat: Important: java-1.6.0-openjdk security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121222 - security advisory" }, { "title": "Red Hat: Critical: java-1.6.0-openjdk security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121221 - security advisory" }, { "title": "Red Hat: Critical: java-1.7.0-ibm security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121289 - security advisory" }, { "title": "Red Hat: Critical: java-1.6.0-sun security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20121392 - security advisory" }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2012-4681 " }, { "title": "PoCs-CVE_2012_4681", "trust": 0.1, "url": "https://github.com/zh3feng/pocs-cve_2012_4681 " }, { "title": "Public-Pcaps", "trust": 0.1, "url": "https://github.com/thongsia/public-pcaps " }, { "title": "BroMalware-Exercise", "trust": 0.1, "url": "https://github.com/liamrandall/bromalware-exercise " }, { "title": "CVE-2012-4681-Armoring", "trust": 0.1, "url": "https://github.com/benjholla/cve-2012-4681-armoring " }, { "title": "obfuscation-stuff", "trust": 0.1, "url": "https://github.com/alphaseclab/obfuscation-stuff " } ], "sources": [ { "db": "VULMON", "id": "CVE-2012-4681" }, { "db": "JVNDB", "id": "JVNDB-2012-003918" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2012-4681" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "trust": 1.8, "url": "http://www.us-cert.gov/cas/techalerts/ta12-240a.html" }, { "trust": 1.3, "url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html" }, { "trust": 1.1, "url": "http://www.kb.cert.org/vuls/id/636312" }, { "trust": 1.0, "url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html" }, { "trust": 1.0, "url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/" }, { "trust": 1.0, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html" }, { "trust": 1.0, "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "trust": 1.0, "url": "http://rhn.redhat.com/errata/rhsa-2012-1225.html" }, { "trust": 1.0, "url": "http://secunia.com/advisories/51044" }, { "trust": 1.0, "url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html" }, { "trust": 1.0, "url": "http://www.securityfocus.com/bid/55213" }, { "trust": 1.0, "url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4681" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20120831-oracle.html" }, { "trust": 0.8, "url": "http://www.jpcert.or.jp/at/2012/at120028.html" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnta12-240a/" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4681" }, { "trust": 0.7, "url": "http://www.ibm.com/developerworks/java/jdk/alerts/" }, { "trust": 0.6, "url": "http://java.sun.com" }, { "trust": 0.6, "url": "https://downloads.avaya.com/css/p8/documents/100169377" }, { "trust": 0.6, "url": "http://www.oracle.com/technetwork/java/index.html" }, { "trust": 0.6, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03533078" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1682" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0547" }, { "trust": 0.4, "url": "http://www.zerodayinitiative.com/advisories/zdi-12-197" }, { "trust": 0.3, "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-august/020083.html" }, { "trust": 0.3, "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-august/020065.html" }, { "trust": 0.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02" }, { "trust": 0.3, "url": "http://www.vmware.com/security/advisories/vmsa-2013-0006.html" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100166370" }, { "trust": 0.2, "url": "http://www.mandriva.com/security/" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1682" }, { "trust": 0.2, "url": "http://www.mandriva.com/security/advisories" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0547" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-4681.html" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-1682.html" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4681" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1713" }, { "trust": 0.2, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.2, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1717" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-0547.html" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1721" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1722" }, { "trust": 0.2, "url": "https://access.redhat.com/knowledge/articles/11258" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1716" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3136" }, { "trust": 0.2, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.2, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2012-3136.html" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1719" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1725.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1717.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1722.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0551.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1721.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1719.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1725" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1726.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1716.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1713.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0551" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2012-1289.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1726" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0503" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0501" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1541" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1533" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201401-30.xml" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0499" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1532" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0504" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1723" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0507" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-5035" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0500" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0502" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1718" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0497" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1531" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3563" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1711" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0498" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0505" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0506" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088" }, { "trust": 0.1, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2012-1223.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/858729\u003e" }, { "trust": 0.1, "url": "http://www.us-cert.gov/privacy/notification.html" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/636312#solution\u003e" }, { "trust": 0.1, "url": "http://docs.oracle.com/javase/tutorial/essential/environment/security.html\u003e" }, { "trust": 0.1, "url": "https://support.apple.com/kb/ht5241\u003e" }, { "trust": 0.1, "url": "http://www.us-cert.gov/privacy/" }, { "trust": 0.1, "url": "https://www.us-cert.gov/reading_room/securing_browser/#safari\u003e" }, { "trust": 0.1, "url": "http://www.oracle.com/technetwork/java/javase/7u13-relnotes-1902884.html\u003e" }, { "trust": 0.1, "url": "https://support.mozilla.org/en-us/kb/how%20to%20turn%20off%20java%20applets\u003e" }, { "trust": 0.1, "url": "http://www.us-cert.gov/cas/signup.html" }, { "trust": 0.1, "url": "http://taosecurity.blogspot.com/2012/11/do-devs-care-about-java-insecurity.html?showcomment=1353874245992#c4794680666510382012\u003e" }, { "trust": 0.1, "url": "http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html\u003e" }, { "trust": 0.1, "url": "http://www.us-cert.gov/cas/techalerts/ta13-032a.html" }, { "trust": 0.1, "url": "http://noscript.net/\u003e" }, { "trust": 0.1, "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html\u003e" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/" }, { "trust": 0.1, "url": "http://twitter.com/thezdi" }, { "trust": 0.1, "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-18357" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com" } ], "sources": [ { "db": "BID", "id": "55213" }, { "db": "BID", "id": "55336" }, { "db": "JVNDB", "id": "JVNDB-2012-003918" }, { "db": "PACKETSTORM", "id": "117166" }, { "db": "PACKETSTORM", "id": "116402" }, { "db": "PACKETSTORM", "id": "116648" }, { "db": "PACKETSTORM", "id": "124943" }, { "db": "PACKETSTORM", "id": "116176" }, { "db": "PACKETSTORM", "id": "120006" }, { "db": "PACKETSTORM", "id": "119029" }, { "db": "NVD", "id": "CVE-2012-4681" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2012-4681" }, { "db": "BID", "id": "55213" }, { "db": "BID", "id": "55336" }, { "db": "JVNDB", "id": "JVNDB-2012-003918" }, { "db": "PACKETSTORM", "id": "117166" }, { "db": "PACKETSTORM", "id": "116402" }, { "db": "PACKETSTORM", "id": "116648" }, { "db": "PACKETSTORM", "id": "124943" }, { "db": "PACKETSTORM", "id": "116176" }, { "db": "PACKETSTORM", "id": "120006" }, { "db": "PACKETSTORM", "id": "119029" }, { "db": "NVD", "id": "CVE-2012-4681" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-08-28T00:00:00", "db": "VULMON", "id": "CVE-2012-4681" }, { "date": "2012-08-27T00:00:00", "db": "BID", "id": "55213" }, { "date": "2012-08-30T00:00:00", "db": "BID", "id": "55336" }, { "date": "2012-08-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-003918" }, { "date": "2012-10-06T01:01:01", "db": "PACKETSTORM", "id": "117166" }, { "date": "2012-09-11T05:52:05", "db": "PACKETSTORM", "id": "116402" }, { "date": "2012-09-19T07:23:27", "db": "PACKETSTORM", "id": "116648" }, { "date": "2014-01-27T18:30:13", "db": "PACKETSTORM", "id": "124943" }, { "date": "2012-09-04T00:06:09", "db": "PACKETSTORM", "id": "116176" }, { "date": "2013-02-02T16:37:58", "db": "PACKETSTORM", "id": "120006" }, { "date": "2012-12-22T15:43:25", "db": "PACKETSTORM", "id": "119029" }, { "date": "2012-08-28T00:55:01.860000", "db": "NVD", "id": "CVE-2012-4681" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-12-21T00:00:00", "db": "VULMON", "id": "CVE-2012-4681" }, { "date": "2017-08-03T11:09:00", "db": "BID", "id": "55213" }, { "date": "2015-03-19T09:33:00", "db": "BID", "id": "55336" }, { "date": "2013-02-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-003918" }, { "date": "2022-12-21T15:28:09.200000", "db": "NVD", "id": "CVE-2012-4681" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "55213" }, { "db": "BID", "id": "55336" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Oracle Java 7 Vulnerability to", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-003918" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unknown", "sources": [ { "db": "BID", "id": "55213" }, { "db": "BID", "id": "55336" } ], "trust": 0.6 } }
gsd-2012-4681
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2012-4681", "description": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.", "id": "GSD-2012-4681", "references": [ "https://www.suse.com/security/cve/CVE-2012-4681.html", "https://access.redhat.com/errata/RHSA-2012:1289", "https://access.redhat.com/errata/RHSA-2012:1225", "https://access.redhat.com/errata/RHSA-2012:1223", "https://linux.oracle.com/cve/CVE-2012-4681.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2012-4681" ], "details": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.", "id": "GSD-2012-4681", "modified": "2023-12-13T01:20:14.809716Z", "schema_version": "1.4.0" } }, "namespaces": { "cisa.gov": { "cveID": "CVE-2012-4681", "dateAdded": "2022-03-03", "dueDate": "2022-03-24", "product": "Java SE", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.", "vendorProject": "Oracle", "vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability" }, "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4681", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html", "refsource": "MISC", "url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html" }, { "name": "SUSE-SU-2012:1398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" }, { "name": "SUSE-SU-2012:1231", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html" }, { "name": "TA12-240A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA12-240A.html" }, { "name": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/", "refsource": "MISC", "url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/" }, { "name": "SSRT100970", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "name": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day", "refsource": "MISC", "url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day" }, { "name": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html", "refsource": "MISC", "url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "name": "RHSA-2012:1225", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2012-1225.html" }, { "name": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html", "refsource": "MISC", "url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html" }, { "name": "51044", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51044" }, { "name": "HPSBUX02824", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "name": "55213", "refsource": "BID", "url": "http://www.securityfocus.com/bid/55213" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update17:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update18:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update19:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update20:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update21:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update17:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update18:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update19:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update20:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update21:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-4681" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ] }, "references": { "reference_data": [ { "name": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day" }, { "name": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html" }, { "name": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/", "refsource": "MISC", "tags": [ "Broken Link", "Exploit" ], "url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/" }, { "name": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html" }, { "name": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory" ], "url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html" }, { "name": "SUSE-SU-2012:1231", "refsource": "SUSE", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html" }, { "name": "RHSA-2012:1225", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-1225.html" }, { "name": "SUSE-SU-2012:1398", "refsource": "SUSE", "tags": [ "Broken Link" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" }, { "name": "SSRT100970", "refsource": "HP", "tags": [ "Issue Tracking", "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2" }, { "name": "TA12-240A", "refsource": "CERT", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA12-240A.html" }, { "name": "51044", "refsource": "SECUNIA", "tags": [ "Not Applicable" ], "url": "http://secunia.com/advisories/51044" }, { "name": "55213", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/55213" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false } }, "lastModifiedDate": "2022-12-21T15:28Z", "publishedDate": "2012-08-28T00:55Z" } } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.